lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <20100720192256.EC3661200AA@smtp.hushmail.com>
Date:	Tue, 20 Jul 2010 22:22:56 +0300
From:	auto401300@...hmail.com
To:	maciej.rutecki@...il.com
Cc:	netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: netfilter/iptables stopped logging 2.6.35-rc



On Tue, 20 Jul 2010 15:51:03 +0300 Maciej Rutecki 
<maciej.rutecki@...il.com> wrote:
>On sobota, 17 lipca 2010 o 09:20:36 auto401300@...hmail.com wrote:
>> Hi!
>> 
>> Has something broken with netfilter/iptables logging in 2.6.35-
>rc,
>> or is there something new I should set in .config since .34?
>> 
>> 
>> I just verified that if I boot .34 and ping the pc it does 
>logging:
>> 
>> Jul 17 09:42:49 xxxxx kernel: Linux version 2.6.34-ab 
>(root@...xx)
>> (gcc version 4.4.4 (Debian 4.4.4-1) ) #1 SMP PREEMPT Mon May 17
>> 09:15
>> 
>> :15 EEST 2010
>> 
>> ....
>> Jul 17 09:44:52 xxxxx kernel: DENY  in: IN=eth0 OUT= MAC=xxxxx
>> SRC=xxxxx DST=xxxxx LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=38945
>> PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=256
>> 
>> 
>> but if I boot .35-rc4 and ping:
>> 
>> Jul 17 09:48:08 xxxxx kernel: Linux version 2.6.35-rc4-aa
>> (root@...xx) (gcc version 4.4.4 (Debian 4.4.4-6) ) #1 SMP 
>PREEMPT
>> Mon Jul 5 15:22:02 EEST 2010
>> ....
>> nothing from iptables in log
>> 
>> 
>> userspace is same, only booted different kernel versions
>
>I created a Bugzilla entry at 
>https://bugzilla.kernel.org/show_bug.cgi?id=16423
>for your bug report, please add your address to the CC list in 
>there, thanks!
>
>-- 
>Maciej Rutecki
>http://www.maciek.unixy.pl


I just thought that whole initramfs may be also different and tried 
to compile
.34 again to test if it still does iptables logging with current 
toolchain but
just now debian kernel-package is broken due to
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=589700
I will try again when that is fixed

thanks.

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ