I have been hit by the bug https://bugzilla.redhat.com/show_bug.cgi?id=493226 (restarting iptables ignores values in /etc/sysctl.conf). This bug has been fixed by RH quite a while ago.
The server has had yum update run many times since RH fixed this bug. On the latest run, yum said everything was updated. However, that’s obviously not the case, since when I restart iptables, the value net.ipv4.netfilter.ip_conntrack_tcp_be_liberal gets set to 0, ignoring what is in /etc/sysctl.conf.
The solution in the bug is to apply a patch that fixes /etc/rc.d/init.d/iptables and /etc/sysconfig/iptables-config. I’ve tried the patch and it does fix the problem.
However, I’d like to make yum fix this, so I reverted the files in question. I’ve tried yum update and yum install iptables (that package provides both of the files in question), but it doesn’t fix the problem.
What can I do to make yum get the correct files installed from the iptables package?
Thanks in advance.
The bug you linked was closed as a duplicate of bug 552522.
That bug then links to RHBA-2012:0255-1, which states the issue was fixed in iptables-1.3.5-9.1.el5. Unfortunately, you didn’t tell us what version of iptables your system has installed, so you’ll have to do the comparison yourself. Make sure you have actually installed this or a later version.
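The comparison the answer asks for, as an added example that is not part of the original answer: a plain string compare gets RPM versions wrong (release 10 sorts before 9.1), so this sketch follows RPM's segment-by-segment ordering. The function names `rpmvercmp` and `has_fix` are this example's own, epoch and `~`/`^` handling are left out, and the sample versions in the loop are constructed.

```shell
#!/bin/sh
# Added example: is the installed iptables at least the fixed build?
FIXED="1.3.5-9.1.el5"   # fixed version named in the answer (RHBA-2012:0255-1)

# rpmvercmp A B: print -1, 0 or 1 using RPM's segment-by-segment rules.
# Simplification (assumption): no epoch, '~' or '^' handling.
rpmvercmp() {
    local a="$1" b="$2" sa sb num
    while :; do
        # Skip separators: everything before the first letter or digit.
        a=${a#"${a%%[a-zA-Z0-9]*}"}
        b=${b#"${b%%[a-zA-Z0-9]*}"}
        if [ -z "$a" ] || [ -z "$b" ]; then break; fi
        # Take a run of digits or a run of letters, decided by A.
        case $a in
            [0-9]*) num=1; sa=${a%%[!0-9]*};    sb=${b%%[!0-9]*} ;;
            *)      num=0; sa=${a%%[!a-zA-Z]*}; sb=${b%%[!a-zA-Z]*} ;;
        esac
        # Mixed types: a numeric segment is newer than an alphabetic one.
        if [ -z "$sb" ]; then
            if [ "$num" = 1 ]; then echo 1; else echo -1; fi
            return
        fi
        a=${a#"$sa"}; b=${b#"$sb"}
        if [ "$num" = 1 ]; then
            # Numeric compare without overflow: drop leading zeros, longer wins.
            sa=${sa#"${sa%%[!0]*}"}; sb=${sb#"${sb%%[!0]*}"}
            if [ "${#sa}" -gt "${#sb}" ]; then echo 1; return; fi
            if [ "${#sa}" -lt "${#sb}" ]; then echo -1; return; fi
        fi
        if [ "$sa" \> "$sb" ]; then echo 1; return; fi
        if [ "$sa" \< "$sb" ]; then echo -1; return; fi
    done
    # Equal so far: whichever side still has segments left is newer.
    if [ -n "$a" ]; then echo 1; elif [ -n "$b" ]; then echo -1; else echo 0; fi
}

# has_fix VERSION-RELEASE: succeed if it is FIXED or newer.
has_fix() {
    local c
    c=$(rpmvercmp "${1%-*}" "${FIXED%-*}")            # version part
    if [ "$c" = 0 ]; then c=$(rpmvercmp "${1##*-}" "${FIXED##*-}"); fi  # release
    [ "$c" != -1 ]
}

# Constructed sample values. On the host, feed in the real one:
#   has_fix "$(rpm -q --qf '%{VERSION}-%{RELEASE}' iptables)"
for v in 1.3.5-5.el5 1.3.5-9.1.el5 1.3.5-10.el5; do
    if has_fix "$v"; then echo "$v: has the fix"; else echo "$v: older than $FIXED"; fi
done
```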
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.