CU169 iptables WUI dropdown menus

Hi all,

Is anyone else having issues with the iptables’s drop down menus in CU169? If I go and look at that page in the WUI, all the menus are the same between iptables:, IPTable Mangles:, and IPTable Network Address Translation:. So I get a page that looks like this:

All three types of tables have the same menu options, and this did not used to be this way. Wondering if it is a bug or a browser issue.


You can select a different menu
From the drop down menu. And update.
To display that option.

1 Like

Yes, I understand. But my problem is that between the three different types of iptables all the menus options are the same. So I can pick CUSTOMINPUT, or in the picture I posted HOSTILE_DROP, in any of the three of the different areas, but there is no CUSTOMPREROUTING option. CUSTOMPREROUTING should show up in the NAT rules but it is not there.

CUSTOMPREROUTING isn’t there on my system, too.
Maybe it is deleted by the update because of some development decisions. Have you defined any rules there before?

EDIT: I’ve just checked from the command line. The chain exists.
So you should raise a bug in bugzilla. Your login to the community can be used there also.

1 Like

My iptables is doing something different also. Different from past Core Updates.
Notice blank BADTCP sections

Clicking any Update button changes the bottom two tables.


In the past the default for the drop downs was Input / Prerouting / Prerouting. And the results were populated instead of blank.

AND more important:
I have iptables -t nat -D CUSTOMPREROUTING -s command in firewall.local and CUSTOMPREROUTING no longer appears in the drop down.

A quick review of the sources did not show hints for this erroneous behaviour.
But there are some warnings from Perl ( if debug is switched on ) in /var/log/httpd/error_log.
I’ll look into that a bit deeper the next days.

EDIT: Nevertheless a bug report would be helpfull to ‘alert’ the other devs.


I hope I submitted the bug properly. It is bug 12908, 12908 – Web interface iptables drop down menus incorrect.


Per the info I added to 12908 – Web interface iptables drop down menus incorrect
It seems there is an index off by 1 issue. Not sure how / why it was working before.
I’m not an IPFire developer but the one-line fix in src/misc-progs/getipstat.c – changing line 32 to “unsigned int pcount = 5;” – looks like it would do the trick.


Robin Roevens submitted a patch addressing the off by 1 index issue in src/misc-progs/getipstat.c