#241 Established ipv6 does not work with any other service

open
nobody
None
5
2012-11-03
2012-11-03
Gabor Lukacs
No

I am using version 5.1.

I added both "Established ipv6" and "DNS" to a rule meant to accept traffic with a particular destination. This is the result after compilation:

$IP6TABLES -N Cid4151X1501.0
$IP6TABLES -A FORWARD -d 2001:470:1d:917::/64 -m state --state NEW -j Cid4151X1501.0
$IP6TABLES -A Cid4151X1501.0 -p tcp -m tcp --dport 53 -j ACCEPT
$IP6TABLES -A Cid4151X1501.0 -p udp -m udp --dport 53 -j ACCEPT
$IP6TABLES -A Cid4151X1501.0 -m state --state ESTABLISHED,RELATED -j ACCEPT

Since line 2 sends "NEW" connections to the rule, no established connection will ever be passed by this.

Discussion

  • Gabor Lukacs
    Gabor Lukacs
    2012-11-03

    Library file with the bug

     
    Attachments