From 75db9b8afce97e568c3a10683a3dcd2ef359523e Mon Sep 17 00:00:00 2001 From: AZaugg Date: Mon, 1 Apr 2024 11:40:44 -0700 Subject: [PATCH] iptables, flush and restore raw table (#8501) As part of an iptables restart, flush and reset the netfilter raw table. --- SPECS/iptables/iptables | 4 ++++ SPECS/iptables/iptables.signatures.json | 4 ++-- SPECS/iptables/iptables.spec | 5 ++++- SPECS/iptables/iptables.stop | 4 ++++ 4 files changed, 14 insertions(+), 3 deletions(-) diff --git a/SPECS/iptables/iptables b/SPECS/iptables/iptables index 9f2676a121..f34a92c464 100644 --- a/SPECS/iptables/iptables +++ b/SPECS/iptables/iptables @@ -57,6 +57,8 @@ iptables -F iptables -X iptables -Z +iptables -t raw -F +iptables -t raw -X iptables -t nat -F iptables -t nat -X iptables -t mangle -F @@ -66,6 +68,8 @@ ip6tables -F ip6tables -X ip6tables -Z +ip6tables -t raw -F +ip6tables -t raw -X ip6tables -t nat -F ip6tables -t nat -X ip6tables -t mangle -F diff --git a/SPECS/iptables/iptables.signatures.json b/SPECS/iptables/iptables.signatures.json index 421dbbda04..1b082ba0d1 100644 --- a/SPECS/iptables/iptables.signatures.json +++ b/SPECS/iptables/iptables.signatures.json @@ -2,9 +2,9 @@ "Signatures": { "ip4save": "f786a0a55cee6aa5a29d0bfd531d982205dc566bb622250f13f0f90a85ac1e2a", "ip6save": "e676691dac74076ad1a9475bd1a9dcc35d40cc99faf56e4767725c94b53a5bdd", - "iptables": "31bdf451aa30c50f01d61fc748434759aa003fa2a2edb3a1c10f034e706eb2f4", + "iptables": "a1981d0e5a7e6b0546d17fcddb5bdc6b639a136b5c2f7f2b2b54d18a41b3d6ac", "iptables-1.8.10.tar.xz": "5cc255c189356e317d070755ce9371eb63a1b783c34498fb8c30264f3cc59c9c", "iptables.service": "40c2a272a6abb4d3e50ff9ae83cedaa241ad5963f27cb5aee113d15597553620", - "iptables.stop": "82552df9a7edc2f764369d0b944a26abb2cafd9259f65b9da2760c4115a4ff29" + "iptables.stop": "749be754470183b3edf69ff53109806a81e0b4c4578858faf96d23d59966ef5d" } } diff --git a/SPECS/iptables/iptables.spec b/SPECS/iptables/iptables.spec index de2b2b1484..45a2377da8 100644 --- a/SPECS/iptables/iptables.spec +++ b/SPECS/iptables/iptables.spec @@ -1,7 +1,7 @@ Summary: Linux kernel packet control tool Name: iptables Version: 1.8.10 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ Vendor: Microsoft Corporation Distribution: Azure Linux @@ -100,6 +100,9 @@ find %{buildroot} -type f -name "*.la" -delete -print %{_mandir}/man3/* %changelog +* Mon Mar 18 2024 Andy Zaugg - 1.8.10-2 +- Flush raw table when restarting iptables service + * Fri Feb 09 2024 Amrita Kohli - 1.8.10-1 - Upgrade version for Mariner 3.0 release diff --git a/SPECS/iptables/iptables.stop b/SPECS/iptables/iptables.stop index 3f2e14caf7..9200d9d243 100644 --- a/SPECS/iptables/iptables.stop +++ b/SPECS/iptables/iptables.stop @@ -4,6 +4,8 @@ iptables -Z iptables -F +iptables -t raw -F +iptables -t raw -X iptables -t nat -F iptables -t nat -X iptables -t mangle -F @@ -15,6 +17,8 @@ iptables -P OUTPUT ACCEPT ip6tables -Z ip6tables -F +ip6tables -t raw -F +ip6tables -t raw -X ip6tables -t nat -F ip6tables -t nat -X ip6tables -t mangle -F