Univention Bugzilla – Bug 42351
No iptables during installation - should skip [re]start - massive error output
Last modified: 2017-04-04 18:28:55 CEST
The Linux kernel used during Debian-Install has not iptables: > [....] Stopping Univention iptables configuration:: > iptables v1.4.14: can't initialize iptables table `filter': Table does not exist (do you need to insmod?) > Perhaps iptables or your kernel needs to be upgraded.
The init-d script now checks before start/stop/restart if "iptables --wait -t filter -L" runs with exitcode 0. If this is not the case, a warning is shown and the actual iptables calls are skipped. univention-firewall (9.0.0-7): r77146 | Bug #42351: do not start/stop/restart firewall if iptables is not supported / working properly Package: univention-firewall Version: 9.0.0-7A~4.2.0.201702281323 Branch: ucs_4.2-0
root@master:~# grep "iptables" /var/log/apt/term.log /var/log/syslog /var/log/apt/term.log:univention-firewall: iptables seems to be unsupported. ... (warning). /var/log/apt/term.log:univention-firewall: iptables seems to be unsupported. ... (warning). [...] /var/log/syslog:Mar 1 09:35:55 master systemd[1]: Starting LSB: Univention iptables configuration... /var/log/syslog:Mar 1 09:35:57 master univention-firewall[818]: Starting Univention iptables configuration...done. /var/log/syslog:Mar 1 09:35:57 master systemd[1]: Started LSB: Univention iptables configuration. /var/log/syslog:Mar 1 09:36:32 master systemd[1]: Stopping LSB: Univention iptables configuration... /var/log/syslog:Mar 1 09:36:32 master univention-firewall[1691]: Stopping Univention iptables configuration:done. [...]
OK: manual test: # mv /lib/modules/$(uname -r)/kernel/net/netfilter/x_tables.ko /lib/modules/$(uname -r)/kernel/net/netfilter/x_tables.ko_ # reboot # systemctl restart univention-firewall # echo $? 0 # grep univention-firewall /var/log/syslog Mar 6 13:32:58 m120 univention-firewall[2184]: univention-firewall: iptables seems to be unsupported. ... (warning).
univention-firewall has not been built and fails to build due to ucs-test: E:0017-4: debian/univention-firewall.init:61:37: iptables without --wait → log_warning_msg "$NAME: iptables seems to be unsupported." E:0017-4: debian/univention-firewall.init:82:37: iptables without --wait → log_warning_msg "$NAME: iptables seems to be unsupported." --> pbuilder failed! Command failed with 1 Build failed, bailing out
Package: univention-firewall Version: 9.0.0-11A~4.2.0.201703171731 Branch: ucs_4.2-0 univention-firewall (9.0.0-11): r77922 | Bug #42351: add additional ucslint overrides r77917 | Bug #42351: add ucslint overrides
(In reply to Sönke Schwardt-Krummrich from comment #5) > Package: univention-firewall > Version: 9.0.0-11A~4.2.0.201703171731 > Branch: ucs_4.2-0 > > univention-firewall (9.0.0-11): > r77922 | Bug #42351: add additional ucslint overrides > r77917 | Bug #42351: add ucslint overrides OK: build OK: no error messages in syslog, just a warning OK: ucslint (only a warning about a not-built UMC module remains)
UCS 4.2 has been released: https://docs.software-univention.de/release-notes-4.2-0-en.html https://docs.software-univention.de/release-notes-4.2-0-de.html If this error occurs again, please use "Clone This Bug".