On Tuesday, 29 August 2017 4:49:47 AM AEST Pat Riehecky wrote:
> Scientific Linux 7.4 RC1 x86_64
> 
> These are the notes for the "Release Candidate" of Scientific Linux 7.4
> ----------------------------------------------------------------------------
> 
> KNOWN ISSUES
> ----------------------------------------------------------------------------
> 
> Firewall fails to apply when using iptables-services
>             if you use iptables and ip6tables on the same system, systemd
>             tries to start them at the same time - and one may fail to
>             load.
>             Upstream bug:
>             https://bugzilla.redhat.com/show_bug.cgi?id=1477413

Hi Pat,

Just as a quick note, I would suggest that treating this issue as a possible 
blocker for the 7.4 release unless the patch included in the upstream BZ is 
rolled in before release.

At the current state, any users not using firewalld *WILL* have problems 
loading firewall rules (ie there won't be one) if they use both iptables and 
ip6tables services.

CentOS included this patch in their 7.4 release to the CR branch - however I 
note there is still a further fix required for this issue to be resolved 
completely:
	https://bugzilla.redhat.com/show_bug.cgi?id=1486803

We assume this is a Before: and After: statement in iptables.service and 
ip6tables.service - but have no confirmation of this as yet.

Either way - I would be very cautious on a release without at least patching 
the first issue in this chain.

-- 
Steven Haigh

📧 [log in to unmask]       💻 http://www.crc.id.au
📞 +61 (3) 9001 6090    📱 0412 935 897