Package: apf-firewall
Version: 9.7+rev1-2
Severity: important

In /etc/apf-firewall/internals/functions.apf, there is this line:

if [ "$RAB" == "1" ] && [ ! -f "/lib/modules/$(uname -r)/kernel/net/ipv4/netfilter/ipt_recent.$MEXT" ]; then

Well, this doesn't work because ipt_recent is now xt_recent. This means that reactive address blocking (RAB) is broken, which means that APF's ability to detect and respond to portscans (one of its most important features) is inoperative.

Changes further up in the file indicate that someone knows about the xt_recent change, but for whatever reason they forgot to fix it there.

-- System Information:
Debian Release: 6.0.7
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages apf-firewall depends on:
ii  iptables   1.4.8-3            administration tools for packet fi
ii  lsb-base   3.2-23.2squeeze1   Linux Standard Base 3.2 init scrip
ii  wget       1.12-2.1           retrieves files from the web

apf-firewall recommends no packages.

apf-firewall suggests no packages.

-- Configuration Files:
/etc/apf-firewall/conf.apf changed [not included]
/etc/apf-firewall/ds_hosts.rules changed [not included]
/etc/apf-firewall/glob_allow.rules changed [not included]
/etc/apf-firewall/glob_deny.rules changed [not included]
/etc/apf-firewall/internals/reserved.networks changed [not included]
/etc/default/apf-firewall changed [not included]

-- no debconf information
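
The file test quoted in the report, next to one that accepts either module name, as an added example that is not APF's code or a patch from the reporter. The function names, their arguments and the temporary module tree are constructed for illustration, and the /proc/net fallback for a built-in or already loaded module goes beyond what the report describes.

```shell
#!/bin/sh
# Added example, not APF's code. Function names and arguments are hypothetical.
#   $1  kernel "net" module directory, e.g. /lib/modules/$(uname -r)/kernel/net
#   $2  module file extension (the value APF keeps in $MEXT), e.g. ko
#   $3  proc net directory (default /proc/net)

# Mirrors the test quoted in the report: succeeds when ipt_recent is absent.
legacy_check_reports_missing() {
    [ ! -f "$1/ipv4/netfilter/ipt_recent.$2" ]
}

# Succeeds when the "recent" match is available under either name.
recent_module_present() {
    rmp_net="$1"; rmp_ext="$2"; rmp_proc="${3:-/proc/net}"
    for rmp_path in \
        "$rmp_net/netfilter/xt_recent.$rmp_ext" \
        "$rmp_net/ipv4/netfilter/ipt_recent.$rmp_ext"; do
        if [ -f "$rmp_path" ]; then return 0; fi
    done
    # No module file: the match may be built in or already loaded, in which
    # case its proc directory exists.
    for rmp_path in "$rmp_proc/xt_recent" "$rmp_proc/ipt_recent"; do
        if [ -d "$rmp_path" ]; then return 0; fi
    done
    return 1
}

# Constructed module tree that ships only xt_recent, the case the report describes.
demo_dir=$(mktemp -d)
mkdir -p "$demo_dir/net/netfilter" "$demo_dir/proc"
: > "$demo_dir/net/netfilter/xt_recent.ko"
if legacy_check_reports_missing "$demo_dir/net" ko; then
    echo "legacy test: recent module reported missing"
fi
if recent_module_present "$demo_dir/net" ko "$demo_dir/proc"; then
    echo "either-name test: recent module found"
fi
rm -rf "$demo_dir"
```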