Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHBA-2012:0255 - Bug Fix Advisory
Issued:
2012-02-20
Updated:
2012-02-20

RHBA-2012:0255 - Bug Fix Advisory

  • Overview
  • Updated Packages

Synopsis

iptables bug fix and enhancement update

Type/Severity

Bug Fix Advisory

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated iptables packages that fix several bugs and add two enhancements are now
available for Red Hat Enterprise Linux 5.

Description

The iptables utility controls the network packet filtering code in the Linux
kernel.

These updated iptables packages provide fixes for the following bugs:

  • Prior to this update, the memory alignment of ipt_connlimit_data was incorrect

on x86-based systems. An error message in the format "ip_tables: connlimit
match: invalid size" was logged. This update adds an explicit alignment
attribute to the ipt_connlimit_data structure to correct this. (BZ#520797)

  • The sysctl values for netfilter kernel modules were not restored after a

firewall restart. Consequently, the firewall did not always perform as expected
after a restart. This update applies a patch to optionally load sysctl settings
on iptables start, if specified by the user in the /etc/sysctl.conf file. Users
can now define sysctl settings to load on start and restart. (BZ#552522)

  • Prior to this update, the kernel netfilter modules were not loaded at all

times. Consequently, some commands did not perform as expected the first time
they were executed. With this update, a patch has been applied to ensure the
modules are properly loaded and the problem no longer occurs. (BZ#554340)

In addition, these updated iptables packages provide the following enhancements:

  • Prior to this update, the statistic match module was not included in the

iptables package. With this update, this module in now included. (BZ#471163)

  • A service reload option has been added to enable a refresh of the firewall

rules without unloading netfilter kernel modules and dropping connections.
(BZ#710050)

Users are advised to upgrade to these updated iptables packages, which fix these
bugs and add these enhancements.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Affected Products

  • Red Hat Enterprise Linux Server 5 x86_64
  • Red Hat Enterprise Linux Server 5 ia64
  • Red Hat Enterprise Linux Server 5 i386
  • Red Hat Enterprise Linux Workstation 5 x86_64
  • Red Hat Enterprise Linux Workstation 5 i386
  • Red Hat Enterprise Linux Desktop 5 x86_64
  • Red Hat Enterprise Linux Desktop 5 i386
  • Red Hat Enterprise Linux for IBM z Systems 5 s390x
  • Red Hat Enterprise Linux for Power, big endian 5 ppc
  • Red Hat Enterprise Linux Server from RHUI 5 x86_64
  • Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

  • BZ - 520797 - ip_tables: connlimit match: invalid size 24 != 16
  • BZ - 552522 - Restarting iptables doesn't restore certain sysctl values, e.g. net.ipv4.ip_conntrack_max

CVEs

(none)

References

(none)

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 5

SRPM
iptables-1.3.5-9.1.el5.src.rpm SHA-256: de9f4f52ae37e048f59a7f4455ebfbfa0c76557559ce0e03aadf3485c0b9d52a
x86_64
iptables-1.3.5-9.1.el5.x86_64.rpm SHA-256: cabb4014e3f7a983e8e1a4834a5f4276692446db2e0bca6da51f6e9d2c8e1a81
iptables-devel-1.3.5-9.1.el5.i386.rpm SHA-256: a6937178454175949ddadbea42c59955dd5f593f2002f21d4dbf7e4867ba69c5
iptables-devel-1.3.5-9.1.el5.x86_64.rpm SHA-256: 30b62bbd79cbe0eb0a1db9fb7e7dd888e12f645dddee7721f0613975eaf830cc
iptables-ipv6-1.3.5-9.1.el5.x86_64.rpm SHA-256: 84d5a16dcd908afadcf872dd392a5c3e3b4aa82b598c3ac01d5541113b33fb0d
ia64
iptables-1.3.5-9.1.el5.ia64.rpm SHA-256: 52cd6c4e44fb65f7267d1fec6e91e502f02b8f42f627d869a1e64dd3ad910d6a
iptables-devel-1.3.5-9.1.el5.ia64.rpm SHA-256: 65527f8ba7f46736565dd7d6d1c0750f34219a7f5dc1c3ad15a29beafd951cae
iptables-ipv6-1.3.5-9.1.el5.ia64.rpm SHA-256: 6016065f131a122a0edd981042fd32f5220463af8adc749131315c215673e2e2
i386
iptables-1.3.5-9.1.el5.i386.rpm SHA-256: 1bc44adcd9ff60e4428134d6b287ee9d5daf30bdf3f928b77d38663628923e8e
iptables-devel-1.3.5-9.1.el5.i386.rpm SHA-256: a6937178454175949ddadbea42c59955dd5f593f2002f21d4dbf7e4867ba69c5
iptables-ipv6-1.3.5-9.1.el5.i386.rpm SHA-256: 429540df590009c8eef5cf92eb86c672266c6f821ba15149f57e40b53fdbce08

Red Hat Enterprise Linux Workstation 5

SRPM
iptables-1.3.5-9.1.el5.src.rpm SHA-256: de9f4f52ae37e048f59a7f4455ebfbfa0c76557559ce0e03aadf3485c0b9d52a
x86_64
iptables-1.3.5-9.1.el5.x86_64.rpm SHA-256: cabb4014e3f7a983e8e1a4834a5f4276692446db2e0bca6da51f6e9d2c8e1a81
iptables-devel-1.3.5-9.1.el5.i386.rpm SHA-256: a6937178454175949ddadbea42c59955dd5f593f2002f21d4dbf7e4867ba69c5
iptables-devel-1.3.5-9.1.el5.x86_64.rpm SHA-256: 30b62bbd79cbe0eb0a1db9fb7e7dd888e12f645dddee7721f0613975eaf830cc
iptables-ipv6-1.3.5-9.1.el5.x86_64.rpm SHA-256: 84d5a16dcd908afadcf872dd392a5c3e3b4aa82b598c3ac01d5541113b33fb0d
i386
iptables-1.3.5-9.1.el5.i386.rpm SHA-256: 1bc44adcd9ff60e4428134d6b287ee9d5daf30bdf3f928b77d38663628923e8e
iptables-devel-1.3.5-9.1.el5.i386.rpm SHA-256: a6937178454175949ddadbea42c59955dd5f593f2002f21d4dbf7e4867ba69c5
iptables-ipv6-1.3.5-9.1.el5.i386.rpm SHA-256: 429540df590009c8eef5cf92eb86c672266c6f821ba15149f57e40b53fdbce08

Red Hat Enterprise Linux Desktop 5

SRPM
iptables-1.3.5-9.1.el5.src.rpm SHA-256: de9f4f52ae37e048f59a7f4455ebfbfa0c76557559ce0e03aadf3485c0b9d52a
x86_64
iptables-1.3.5-9.1.el5.x86_64.rpm SHA-256: cabb4014e3f7a983e8e1a4834a5f4276692446db2e0bca6da51f6e9d2c8e1a81
iptables-ipv6-1.3.5-9.1.el5.x86_64.rpm SHA-256: 84d5a16dcd908afadcf872dd392a5c3e3b4aa82b598c3ac01d5541113b33fb0d
i386
iptables-1.3.5-9.1.el5.i386.rpm SHA-256: 1bc44adcd9ff60e4428134d6b287ee9d5daf30bdf3f928b77d38663628923e8e
iptables-ipv6-1.3.5-9.1.el5.i386.rpm SHA-256: 429540df590009c8eef5cf92eb86c672266c6f821ba15149f57e40b53fdbce08

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
iptables-1.3.5-9.1.el5.src.rpm SHA-256: de9f4f52ae37e048f59a7f4455ebfbfa0c76557559ce0e03aadf3485c0b9d52a
s390x
iptables-1.3.5-9.1.el5.s390x.rpm SHA-256: b17dcfe1b8832267b50bcc9fac02e090e8c179cd0d710a862ede2b087ae9d25b
iptables-devel-1.3.5-9.1.el5.s390.rpm SHA-256: eccb7c11798415c9723eab058079561a29ec6eac4403a3ec854aeaad03b2c8f2
iptables-devel-1.3.5-9.1.el5.s390x.rpm SHA-256: 4f1f2f2870ea1a66e06b7b0c827f3d49c29835b6f8b5061c6f115223b629e2b4
iptables-ipv6-1.3.5-9.1.el5.s390x.rpm SHA-256: fe4e7eec17311505f12d6a8d5cb9c9749d505834233d7d5779237d8ac1229796

Red Hat Enterprise Linux for Power, big endian 5

SRPM
iptables-1.3.5-9.1.el5.src.rpm SHA-256: de9f4f52ae37e048f59a7f4455ebfbfa0c76557559ce0e03aadf3485c0b9d52a
ppc
iptables-1.3.5-9.1.el5.ppc.rpm SHA-256: 7e9e38da339801a05cede3cdbb46da8e030341b403846eb43a5acfab1bb22925
iptables-1.3.5-9.1.el5.ppc64.rpm SHA-256: f4b9120eff12a531e39bd2ec68a3e463290020583435fcdf80dedbeb105de605
iptables-devel-1.3.5-9.1.el5.ppc.rpm SHA-256: 346c058826e4d07736ce32fba3acd404ba360df93a9107208b7f580ffc186785
iptables-devel-1.3.5-9.1.el5.ppc64.rpm SHA-256: 8346a50426c0017e0ba5e888cee8a0ad9bec37394900161550a15dbd42ef8657
iptables-ipv6-1.3.5-9.1.el5.ppc.rpm SHA-256: cd253f238d30a2033d94012304ef88227ec26ed5a9dc4ff07280c6a8de4fd6e5
iptables-ipv6-1.3.5-9.1.el5.ppc64.rpm SHA-256: 3a65ac1a41c0ed73ded5dde859449a82e2427b7dfb6dc4b4367089f1c669438e

Red Hat Enterprise Linux Server from RHUI 5

SRPM
iptables-1.3.5-9.1.el5.src.rpm SHA-256: de9f4f52ae37e048f59a7f4455ebfbfa0c76557559ce0e03aadf3485c0b9d52a
x86_64
iptables-1.3.5-9.1.el5.x86_64.rpm SHA-256: cabb4014e3f7a983e8e1a4834a5f4276692446db2e0bca6da51f6e9d2c8e1a81
iptables-devel-1.3.5-9.1.el5.i386.rpm SHA-256: a6937178454175949ddadbea42c59955dd5f593f2002f21d4dbf7e4867ba69c5
iptables-devel-1.3.5-9.1.el5.x86_64.rpm SHA-256: 30b62bbd79cbe0eb0a1db9fb7e7dd888e12f645dddee7721f0613975eaf830cc
iptables-ipv6-1.3.5-9.1.el5.x86_64.rpm SHA-256: 84d5a16dcd908afadcf872dd392a5c3e3b4aa82b598c3ac01d5541113b33fb0d
i386
iptables-1.3.5-9.1.el5.i386.rpm SHA-256: 1bc44adcd9ff60e4428134d6b287ee9d5daf30bdf3f928b77d38663628923e8e
iptables-devel-1.3.5-9.1.el5.i386.rpm SHA-256: a6937178454175949ddadbea42c59955dd5f593f2002f21d4dbf7e4867ba69c5
iptables-ipv6-1.3.5-9.1.el5.i386.rpm SHA-256: 429540df590009c8eef5cf92eb86c672266c6f821ba15149f57e40b53fdbce08

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility