Iptables fails to restore a big number of lines
Hello,
I installed Fwsnort from the Edge repository on Alpine 3.1.3 main. Fwsnort is
supposed to translate Snort rules into an iptables ruleset. I ran the fwsnort
command and approximately 10.000 rules were translated into a fwsnort.save
file. When I try to restore the rules with iptables-restore -r <
/var/lib/fwsnort/fwsnort.save the system crashes and doesn’t accept any
command. If I try to translate Snort rules with fwsnort --ipt-sync while
I have just the 443/udp port open, only the rules corresponding to this port are
translated (approximately 500 rules) and the iptables-restore command
works.
I tried to restore the huge ruleset on a Puppy Linux distro with
success, so the fwsnort generated ruleset is ok in my opinion.
I think the big number of lines in the ruleset triggers this problem.
Can anyone replicate this problem, please?
Thanks.
(from redmine: issue id 4173, created on 2015-05-12, closed on 2019-06-11)