yum not updating /etc/rc.d/init.d/iptables

Jistanidiot asked:

I have been hit by the bug https://bugzilla.redhat.com/show_bug.cgi?id=493226 (restarting iptables ignores values in /etc/sysctl.conf). This bug has been fixed by RH quite a while ago.

The server has had yum update run many times since RH fixed this bug. On the latest run, yum said everything was updated. However, that’s obviously not the case, since when I restart iptables, the value net.ipv4.netfilter.ip_conntrack_tcp_be_liberal gets set to 0, ignoring what is in /etc/sysctl.conf.

The solution in the bug is to apply a patch that fixes /etc/rc.d/init.d/iptables and /etc/sysconfig/iptables-config. I’ve tried the patch and it does fix the problem.

However, I’d like to make yum fix this, so I reverted the files in question. I’ve tried yum update and yum install iptables (that package provides both of the files in question), but it doesn’t fix the problem.

What can I do to make yum get the correct files installed from the iptables package?

Thanks in advance.

My answer:


The bug you linked was closed as a duplicate of bug 552522.

That bug then links to RHBA-2012:0255-1, which states the issue was fixed in iptables-1.3.5-9.1.el5. Unfortunately, you didn’t tell us what version of iptables your system has installed, so you’ll have to do the comparison yourself. Make sure you have actually installed this or a later version.


View the full question and answer on Server Fault.
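
The version comparison the answer asks for, as an added example that is not part of the original question or answer: it checks the installed iptables build against iptables-1.3.5-9.1.el5 and uses `rpm -V` to list packaged files that differ on disk. The helper names (`split`, `isnum`, `vercmp`, `has_fix`) are hypothetical, and the comparison is a simplified form of RPM's ordering that ignores epochs and `~`.

```sh
#!/bin/sh
# Added example, not part of the original answer.
FIXED="1.3.5-9.1.el5"   # fixed build named in the answer (RHBA-2012:0255-1)

# Split a version-release string into space-separated segments, breaking on
# punctuation and on digit/letter boundaries: "9.1.el5" -> "9 1 el 5".
split() {
    echo "$1" | sed -e 's/\([0-9]\)\([A-Za-z]\)/\1 \2/g' \
                    -e 's/\([A-Za-z]\)\([0-9]\)/\1 \2/g' \
                    -e 's/[^A-Za-z0-9]\{1,\}/ /g' -e 's/^ //' -e 's/ $//'
}

isnum() { case $1 in ''|*[!0-9]*) return 1 ;; esac; }

# vercmp A B: print -1, 0 or 1 (A older than, equal to, newer than B).
# Simplified form of RPM's segment comparison; epochs and "~" not handled.
vercmp() {
    a=$(split "$1"); b=$(split "$2")
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%% *}; y=${b%% *}
        if [ -z "$x" ]; then echo -1; return; fi   # A ran out of segments
        if [ -z "$y" ]; then echo 1; return; fi    # B ran out of segments
        if isnum "$x" && isnum "$y"; then
            if [ "$x" -gt "$y" ]; then echo 1; return; fi
            if [ "$x" -lt "$y" ]; then echo -1; return; fi
        elif isnum "$x"; then echo 1; return       # a number beats letters
        elif isnum "$y"; then echo -1; return
        elif LC_ALL=C expr "x$x" \> "x$y" >/dev/null; then echo 1; return
        elif LC_ALL=C expr "x$x" \< "x$y" >/dev/null; then echo -1; return
        fi
        case $a in *' '*) a=${a#* } ;; *) a= ;; esac   # drop first segment
        case $b in *' '*) b=${b#* } ;; *) b= ;; esac
    done
    echo 0
}

# has_fix VERSION-RELEASE: succeed if the build is FIXED or later.
has_fix() { [ "$(vercmp "$1" "$FIXED")" -ge 0 ]; }

# On an RPM-based host: report the installed build, then list packaged files
# whose on-disk contents differ from what the package shipped.
if installed=$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' iptables 2>/dev/null); then
    installed=$(echo "$installed" | head -n 1)   # one line if several arches
    if has_fix "$installed"; then echo "iptables-$installed includes the fix"
    else echo "iptables-$installed predates $FIXED"; fi
    rpm -V iptables || true
fi
```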

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.