Details
-
Bug
-
Resolution: Fixed
-
Minor
-
None
-
None
-
3
-
9223372036854775807
Description
This update fixes the following bug:
Previously, the connection tracking information was not cleared properly for packets forwarded to another network namespace. Packets that were marked with the "NOTRACK" target in one namespace were excluded from connection tracking even in the new namespace. Consequently, a loss of connectivity occasionally occurred, depending on the packet filtering ruleset of the other network namespaces. This update fixes the nf_reset() function to clear the connection tracking information properly. As a result, configuration properties related to connection tracking in one namespace do not leak into other namespaces, and the connectivity loss due to this behavior no longer occurs. (BZ#1588458)
Users of kernel are advised to upgrade to these updated packages, which fix this bug. The system must be rebooted for this update to take effect.