Your message dated Tue, 17 Dec 2013 00:19:13 +0000 with message-id <[email protected]> and subject line Bug#699904: fixed in iptables 1.4.21-1 has caused the Debian Bug report #699904, regarding iptables: Error in manpage section for string extension to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 699904: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699904 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: iptables Version: 1.4.14-3 Severity: minor Dear Maintainer, The manual page for iptables (or iptables-extensions in the newest version) does not correctly document the string extension. The manual page states that a hex-string can be specified using the option '--hex-string'. However, specifying a sequence of hex chars just makes it a regular string instead: # iptables -t filter --append INPUT -m string --algo bm --hex-string "010203" --jump DROP # iptables -S INPUT -A INPUT -m string --string "010203" --algo bm --to 65535 -j DROP It appears that --hex-string is just like --string, except that it interprets (only) characters between '|'-characters as a hex string: # iptables -t filter --append INPUT -m string --algo bm --hex-string "$(printf "\1\2\3")" --jump DROP # iptables -S INPUT -A INPUT -m string --hex-string "|010203|" --algo bm --to 65535 -j DROP # iptables -t filter -A INPUT -m string --hex-string "|040506|" --algo bm --to 65535 -j DROP # iptables -t filter -A INPUT -m string --hex-string "0|00|1|01|" --algo bm --to 65535 -j DROP -A INPUT -m string --hex-string "|010203|" --algo bm --to 65535 -j DROP -A INPUT -m string --hex-string "|040506|" --algo bm --to 65535 -j DROP -A INPUT -m string --hex-string "|30003101|" --algo bm --to 65535 -j DROP Regular '|' and '\' characters that are part of the --hex-string pattern can be escaped using '\'. Kind regards, Rogier. -- System Information: Debian Release: wheezy/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages iptables depends on: ii libc6 2.13-37 ii libnfnetlink0 1.0.0-1 iptables recommends no packages. iptables suggests no packages. -- no debconf information
--- End Message ---
--- Begin Message ---Source: iptables Source-Version: 1.4.21-1 We believe that the bug you reported is fixed in the latest version of iptables, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Laurence J. Lane <[email protected]> (supplier of updated iptables package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sun, 01 Dec 2013 19:48:23 -0500 Source: iptables Binary: iptables libxtables10 iptables-dev Architecture: source amd64 Version: 1.4.21-1 Distribution: unstable Urgency: low Maintainer: Laurence J. Lane <[email protected]> Changed-By: Laurence J. Lane <[email protected]> Description: iptables - administration tools for packet filtering and NAT iptables-dev - iptables development files libxtables10 - netfilter xtables library Closes: 567564 580941 644819 654983 660748 668582 698393 699537 699904 Changes: iptables (1.4.21-1) unstable; urgency=low . * New upstream release + Corrected spurious load_extension errors. Closes: #699537 + Corrected man page icmp defaults. Closes: #644819 + Corrected state man page. Closes: #654983 + Corrected address in hashlimit man page. Closes: #698393 + Removed syslogd man page references. Closes: #567564 + Added string match man page hex examples. Closes: #699904 + Merged 0201-iptables-xml_man_section.patch + Merged 0303-extension_cppflags.patch + Merged 0401-state-match-display.patch * Updated iptables-apply to v1.1. Closes: #580941 * Use mktemp instead of tmpfile for iptables-apply. Closes: #668582 * Add iptables-apply info to man pages. Closes: #660748 * Updated debian/copyright * Updated debian/control Description * Removed debian/builddir hack and other debian/rules cruft * Removed debug info from README.Debian Checksums-Sha1: b58fb9867aae99dbf3c8ae587c061706f2d8dcd2 1290 iptables_1.4.21-1.dsc 85d4160537546a23a7e42bc26dd7ee62a0ede4c8 547439 iptables_1.4.21.orig.tar.bz2 554e80d83f5a036e71650da308271d64a95efb90 60630 iptables_1.4.21-1.debian.tar.gz 463cf91ab7684f34b05598fe9976e46f1ad760aa 274860 iptables_1.4.21-1_amd64.deb 547da4a19c96f7d051bd736fc8daa7e3bd4168e0 66688 libxtables10_1.4.21-1_amd64.deb c6089ee3ab25e6a3661b62fd9c88c4411cf3a970 69508 iptables-dev_1.4.21-1_amd64.deb Checksums-Sha256: 7a9b3226bec3a991a82cb9606781dba83744826793d73ace1a19584f9c6d6a41 1290 iptables_1.4.21-1.dsc 52004c68021da9a599feed27f65defcfb22128f7da2c0531c0f75de0f479d3e0 547439 iptables_1.4.21.orig.tar.bz2 bb65bd7cc4ee0c450152f7561ee0570c20ea0211f1d6708e15c3718f8b89bfb8 60630 iptables_1.4.21-1.debian.tar.gz be8332b4a20d8460c4065d50ae6d8343af1fdc843d23dfc987a13740cf3baacd 274860 iptables_1.4.21-1_amd64.deb d07c41dee4414fdfad69489d7aba7dd2afce126fceb615ce3817c2743bc7aaf5 66688 libxtables10_1.4.21-1_amd64.deb db858b81f6d945249ca121ea32d6bed7654b3a18219da0e61bad652f46d24d38 69508 iptables-dev_1.4.21-1_amd64.deb Files: 9e52f00725384085c1dd3b6cf4a1f022 1290 net important iptables_1.4.21-1.dsc 536d048c8e8eeebcd9757d0863ebb0c0 547439 net important iptables_1.4.21.orig.tar.bz2 d03bf033d0a15b8e888a1ba0f49318cd 60630 net important iptables_1.4.21-1.debian.tar.gz a80cf9c805593377b54287ad5bd542c5 274860 net important iptables_1.4.21-1_amd64.deb b12dc0292fa369d3d69aa5ebba42e5d3 66688 net important libxtables10_1.4.21-1_amd64.deb 14b2de1fc6d6438b9a65af0346f168c3 69508 devel optional iptables-dev_1.4.21-1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (GNU/Linux) iEYEARECAAYFAlKvlWoACgkQxJBkNlXToek2EACdHPdZoJu5BiXgyVzSJ4qSMNFn GywAnjWARtsOaHA0JJaOVDfueCVgy8ca =xqUQ -----END PGP SIGNATURE-----
--- End Message ---
