kernel-packages team mailing list archive

Thread
Date

[Bug 1234877] Missing required logs.

To: kernel-packages@xxxxxxxxxxxxxxxxxxx
From: Brad Figg <brad.figg@xxxxxxxxxxxxx>
Date: Tue, 29 Oct 2013 22:30:06 -0000
Reply-to: Bug 1234877 <1234877@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug is missing log files that will aid in diagnosing the problem.
>From a terminal window please run:

apport-collect 1234877

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable
to run this command, please add a comment stating that fact and change
the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the
Ubuntu Kernel Team.

** Changed in: linux (Ubuntu)
       Status: New => Incomplete

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1234877

Title:
  ip6tables - --reject-with tcp-reset does not work correctly in chain
  OUTPUT

Status in “linux” package in Ubuntu:
  Incomplete

Bug description:
  Hello,

  We use:

  Description:	Ubuntu 12.04.3 LTS
  Release:	12.04

  kernel 3.2.2 (checked also 3.8* and 3.10.5-031005-generic kernels. Same.)
  iptables=1.4.12-1ubuntu5
  and ipv6

  We noticed that --reject-with tcp-reset works 7 seconds:

  ip6tables -I OUTPUT -p tcp --dport 10001 -j REJECT --reject-with tcp-reset
  such rule

  ip6tables -L
  Chain INPUT (policy ACCEPT)
  target     prot opt source               destination         

  Chain FORWARD (policy ACCEPT)
  target     prot opt source               destination         

  Chain OUTPUT (policy ACCEPT)
  target     prot opt source               destination         
  REJECT     tcp      anywhere             anywhere             tcp dpt:10001 reject-with tcp-reset

  time telnet <ourlovelyipv6onlyserver> 10001
  Trying 2a02:6b8:0:c10*...
  telnet: Unable to connect to remote host: Connection timed out

  real	0m7.012s
  user	0m0.000s
  sys	0m0.000s

  Rule works:

  ip6tables -vL
  Chain INPUT (policy ACCEPT 506 packets, 49495 bytes)
   pkts bytes target     prot opt in     out     source               destination         

  Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
   pkts bytes target     prot opt in     out     source               destination         

  Chain OUTPUT (policy ACCEPT 346 packets, 37392 bytes)
   pkts bytes target     prot opt in     out     source               destination         
      3   216 REJECT     tcp      any    any     anywhere             anywhere             tcp dpt:10001 reject-with tcp-reset

  Tcpdump is empty. Packet counter increases. All well.
  But it works 7 seconds

  iptables does the same within 0.005s

  I think this is a bug.

  Thank you.
  Have a nice day.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1234877/+subscriptions