sosreport is starting iptables even when the modules are not loaded

Solution Verified - Updated -


  • Red Hat Enterprise Linux (RHEL) 6
  • Red Hat Enterprise Linux (RHEL) 7
  • sos-3.2-28.el6_7.2.noarch
  • sos-3.2-40.el6.noarch
  • sos-3.2-54.el6.noarch
  • sos-3.4-6.el7.noarch


If iptable_filter kernel module is not loaded and sosreport with enabled networking plugin is run, it loads the kernel module.

Steps to Reproduce:

# rmmod iptable_filter; rmmod ip6table_filter
# lsmod | grep filter
# sosreport -o networking --batch
# lsmod | grep filter
iptable_filter          2793  0 
ip_tables              17895  1 iptable_filter

No iptables related modules are expected to be loaded since sosreport is not supposed to affect the system any how.


Root Cause

Prior to sos-3.5-6.el7 / sos-3.2-63.el6 check of loaded iptables related modules before executing iptables listing was missing.

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.