[8.160][BUG][FIXED] IPV6 match-set

Hello,

I got an ipv6 packet filter with a group of two sources, it allow them to connect to irc.

Packet filter is :
Source : groupe of two ipv6(only) hosts
Dest : any
Services: 6667 to 6668

But all packets are dropped by the default drop.

With an ip6tables-save i got that :
-A USR_FORWARD -i eth2 -p tcp -m set --match-set PsO/lTkZoP1zGPoRejkn7g src -m tcp --sport 1:65535 --dport 6667:6668 -m logmark --logmark 3 -j LOGACCEPT

If i put any as source it works.

ip6tables-save looks like that :
-A USR_FORWARD -p tcp -m tcp --sport 1:65535 --dport 6667:6668 -m logmark --logmark 3 -j LOGACCEPT

Parents

0 HolgerE over 14 years ago

I can reproduce that here. I think this is a regression from previous ipset releases (notably from ipset 5.2, where this worked). Will be fixed in next release.

Thank you.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 HolgerE over 14 years ago

I can reproduce that here. I think this is a regression from previous ipset releases (notably from ipset 5.2, where this worked). Will be fixed in next release.

Thank you.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

No Data