** Description changed: - [Why SRU?] + [Impact] The fixes for this bug (including the fixes for LP:#1944906) need to be backported to hirsute, focal and bionic) to be able to re-enable the "repo-snapshot-stamp" feature for image builds. That feature is important to get consistent image builds (means the same set of packages included in the different images) when doing multiple builds (eg. for AWS, Azure and GCE). [Test Plan] - build a livecd-rootfs image with the changes for every series in a PPA - Do build an image with the livecd-rootfs from the PPA and enable the repo-snapshot-stamp feature - Check that the build did not fail or hang [Where problems could occur] The codepath that will be changed is only executed in livecd-rootfs if the repo-snapshot-stamp feature is enabled. And that feature is currently broken so it shouldn't be enabled anywhere. - [Original description] when iptables got upgraded from 1.8.5-3ubuntu4 to 1.8.7-1ubuntu2 magic proxy stopped working in livecd-rootfs. It does very simple thing: iptables -t nat -A OUTPUT -p tcp --dport 80 -m owner ! --uid-owner daemon -j REDIRECT --to 8080 inside hirsute lxd container, with quite high privileges, in a bionic VM, running 4.15 kernel. With 1.8.5 above worked fine, with 1.8.7 somehow there was no outbound connectivity the very first http networking command after the above call would just hang indefinitely. However, if one does this instead: iptables -vv -t nat -S iptables-legacy -vv -t nat -S iptables -vv -t nat -A OUTPUT -p tcp --dport 80 -m owner ! --uid-owner daemon -j REDIRECT --to 8080 somehow magically everything starts to work fine. weird.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1917920 Title: magic-proxy broke with iptables 1.8.7-1ubuntu2 To manage notifications about this bug go to: https://bugs.launchpad.net/launchpad-buildd/+bug/1917920/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
