Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 1737171
Summary: | Broken nftables rules loading in kernel 5.2 | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | nucleo <alekcejk> |
Component: | kernel | Assignee: | Kernel Maintainer List <kernel-maint> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 30 | CC: | airlied, bskeggs, hdegoede, ichavero, itamar, jarodwilson, jeremy, jglisse, john.j5live, jonathan, josef, kernel-maint, labbott, linville, mchehab, mjg59, steved |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | kernel-5.2.7-200.fc30 kernel-5.2.7-100.fc29 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2019-08-11 01:13:47 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
nucleo
2019-08-03 09:29:17 UTC
Does this work with the rawhide kernel? That will determine what kind of steps we need to take. In Rawhide with kernel 5.3.0-0.rc2.git4.1.fc31.x86_64 no error when adding rule "nft add rule ip nat prerouting tcp dport 2222 counter redirect to :22". But if I boot Rawhide with kernel 5.2.6-200.fc30.x86_64 then then I get a "No such file or directory" error. Okay that means that it was fixed in rawhide and should make its way to stable eventually. The networking fixes are a bit slower for stable so if we can identify the specific fix we can bring it in sooner. If you want to do a reverse bisect (see which commit fixed the problem) that would probably be the fastest. I have hunch the fix is https://github.com/torvalds/linux/commit/f41828ee10b36644bb2b2bfa9dd1d02f55aa0516, please test the scratch build at https://koji.fedoraproject.org/koji/taskinfo?taskID=36836252 when it finishes nft_redir loading fixed with 5.2.6-200.rhbz1737171.fc30.x86_64 linux-5.2.7 still with MODULE_ALIAS_NFT_EXPR("nat"); FEDORA-2019-e37c348348 has been submitted as an update to Fedora 30. https://bodhi.fedoraproject.org/updates/FEDORA-2019-e37c348348 FEDORA-2019-6bda4c81f4 has been submitted as an update to Fedora 29. https://bodhi.fedoraproject.org/updates/FEDORA-2019-6bda4c81f4 kernel-5.2.7-200.fc30, kernel-headers-5.2.7-200.fc30, kernel-tools-5.2.7-200.fc30 has been pushed to the Fedora 30 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-e37c348348 kernel-5.2.7-100.fc29, kernel-headers-5.2.7-100.fc29, kernel-tools-5.2.7-100.fc29 has been pushed to the Fedora 29 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-6bda4c81f4 kernel-5.2.7-200.fc30, kernel-headers-5.2.7-200.fc30, kernel-tools-5.2.7-200.fc30 has been pushed to the Fedora 30 stable repository. If problems still persist, please make note of it in this bug report. kernel-5.2.7-100.fc29, kernel-headers-5.2.7-100.fc29, kernel-tools-5.2.7-100.fc29 has been pushed to the Fedora 29 stable repository. If problems still persist, please make note of it in this bug report. |