FS#25928 - [NetworkManager] connection sharing broken due to bad iptables command

Attached to Project: Arch Linux
Opened by Ignacio Aguilera (jiaguilera) - Thursday, 08 September 2011, 14:41 GMT
Last edited by Ionut Biru (wonder) - Wednesday, 02 November 2011, 21:03 GMT
Task Type Bug Report
Category Upstream Bugs
Status Closed
Assigned To Ionut Biru (wonder)
Jan Alexander Steffens (heftig)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:
Connection sharing wasn't working properly.
I could ping to host but there was not package forwarding (no Internet access).
After patching, connection sharing is working again.


Additional info:
* package version(s)
iptables-1.4.12.1-1
networkmanager-0.9.0-1

* config and/or log files etc.

[/var/log/messages.log]

Sep 8 10:02:03 localhost NetworkManager[1125]: <info> Executing: /usr/sbin/iptables --table filter --insert INPUT --in-interface eth0 --protocol tcp --destination-port 53 --jump ACCEPT
Sep 8 10:02:04 localhost NetworkManager[1125]: <info> Executing: /usr/sbin/iptables --table filter --insert INPUT --in-interface eth0 --protocol udp --destination-port 53 --jump ACCEPT
Sep 8 10:02:04 localhost NetworkManager[1125]: <info> Executing: /usr/sbin/iptables --table filter --insert INPUT --in-interface eth0 --protocol tcp --destination-port 67 --jump ACCEPT
Sep 8 10:02:04 localhost NetworkManager[1125]: <info> Executing: /usr/sbin/iptables --table filter --insert INPUT --in-interface eth0 --protocol udp --destination-port 67 --jump ACCEPT
Sep 8 10:02:04 localhost NetworkManager[1125]: <info> Executing: /usr/sbin/iptables --table filter --insert FORWARD --in-interface eth0 --jump REJECT
Sep 8 10:02:04 localhost NetworkManager[1125]: <info> Executing: /usr/sbin/iptables --table filter --insert FORWARD --out-interface eth0 --jump REJECT
Sep 8 10:02:04 localhost NetworkManager[1125]: <info> Executing: /usr/sbin/iptables --table filter --insert FORWARD --in-interface eth0 --out-interface eth0 --jump ACCEPT
Sep 8 10:02:04 localhost NetworkManager[1125]: <info> Executing: /usr/sbin/iptables --table filter --insert FORWARD --source 10.42.43.0/255.255.255.0 --in-interface eth0 --jump ACCEPT
Sep 8 10:02:04 localhost NetworkManager[1125]: <info> Executing: /usr/sbin/iptables --table filter --insert FORWARD --destination 10.42.43.0/255.255.255.0 --out-interface eth0 --match state --state ESTABLISHED,RELATED --jump ACCEPT
Sep 8 10:02:04 localhost NetworkManager[1125]: <info> Executing: /usr/sbin/iptables --table nat --insert POSTROUTING --source 10.42.43.0/255.255.255.0 --destination ! 10.42.43.0/255.255.255.0 --jump MASQUERADE
Sep 8 10:02:04 localhost NetworkManager[1125]: <warn> ** Command returned exit status 2.
Sep 8 10:02:04 localhost NetworkManager[1125]: <info> Starting dnsmasq...
Sep 8 10:02:04 localhost NetworkManager[1125]: <info> (eth0): device state change: ip-config -> activated (reason 'none') [70 100 0]
Sep 8 10:02:04 localhost NetworkManager[1125]: <info> Activation (eth0) successful, device activated.
Sep 8 10:02:04 localhost NetworkManager[1125]: <info> Activation (eth0) Stage 5 of 5 (IP Configure Commit) complete.





And the output of the offending command:

[ignacio@ignacio-desk ~]$ sudo /usr/sbin/iptables --table nat --insert POSTROUTING --source 10.42.43.0/255.255.255.0 --destination ! 10.42.43.0/255.255.255.0 --jump MASQUERADE
[sudo] password for ignacio:
Bad argument `10.42.43.0/255.255.255.0'
Try `iptables -h' or 'iptables --help' for more information.




Steps to reproduce:
Fresh install, configure internet connection on wlan0 and connection sharing on eth0.
   connection_sharing_fix.patch (0.9 KiB)
This task depends upon

Closed by  Ionut Biru (wonder)
Wednesday, 02 November 2011, 21:03 GMT
Reason for closing:  Fixed
Additional comments about closing:  networkmanager 0.9.1.95-1
Comment by Ionut Biru (wonder) - Thursday, 08 September 2011, 15:04 GMT
please report this upstream for review and paste the link here
Comment by Ignacio Aguilera (jiaguilera) - Thursday, 08 September 2011, 15:18 GMT
https://bugzilla.gnome.org/show_bug.cgi?id=658571

Loading...