[Bug 967355] New: sysctl option net.netfilter.nf_conntrack_tcp_loose reverts to default
http://bugzilla.opensuse.org/show_bug.cgi?id=967355 Bug ID: 967355 Summary: sysctl option net.netfilter.nf_conntrack_tcp_loose reverts to default Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.1 Hardware: All OS: openSUSE 42.1 Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: chemist777@gmail.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.109 Safari/537.36 Build Identifier: I have this line in /etc/sysctl.conf: net.netfilter.nf_conntrack_tcp_loose=0 But after reboot it reverts to default value 1. csrv:~ # sysctl -a | grep loose net.netfilter.nf_conntrack_tcp_loose = 1 The only one netfilter option net.netfilter.nf_conntrack_tcp_loose reverts to default. Other netfilter options, like net.netfilter.nf_conntrack_max, preserves their values. If i run "service network restart" or "service SuSEfirewall2 restart" option net.netfilter.nf_conntrack_tcp_loose not changed. Reproducible: Always Steps to Reproduce: 1. add net.netfilter.nf_conntrack_tcp_loose=0 to /etc/sysctl.conf 2. reboot 3. check value: sysctl -a | grep loose Actual Results: net.netfilter.nf_conntrack_tcp_loose reverts to default value 1. Expected Results: net.netfilter.nf_conntrack_tcp_loose=0. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=967355 http://bugzilla.opensuse.org/show_bug.cgi?id=967355#c1 --- Comment #1 from Alexander Kharitonov <chemist777@gmail.com> --- In /etc/sysconfig/SuSEfirewall2 i have FW_KERNEL_SECURITY="no". -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=967355 Tomáš Chvátal <tchvatal@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Version|Leap 42.1 |Leap 42.3 -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com