Bug#1063844: iptables-persistent: In the flush_rules() function for IPv
From
Gabor Zsoldos@21:1/5 to
All on Tue Feb 13 15:40:01 2024
Package: iptables-persistent
Version: 1.0.20
Severity: normal
Dear Maintainer,
When using user-defined chains in iptables, the netfilter-persistent flush command will write a message for each matching chain name like this:
iptables: Bad built-in chain name.
I suggest changing this regular expression in the flush_rules function of the 15-ip4tables and 25-ip6tables scripts:
s/^:([A-Z]+).*/\1/p
to this:
s/^:([A-Z]+) [A-Z]+ .*/\1/p
This regular expression only captures the embedded chains, excluding user-defined chains, in the iptables-save output text.
-- System Information:
Debian Release: 12.4
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 6.1.0-17-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=C, LC_CTYPE=C (charmap=UTF-8) (ignored: LC_ALL set to hu_HU.UTF8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages iptables-persistent depends on:
ii debconf [debconf-2.0] 1.5.82
ii iptables 1.8.9-2
ii netfilter-persistent 1.0.20
iptables-persistent recommends no packages.
iptables-persistent suggests no packages.
-- debconf information excluded
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)