[Bug 998] firewallrule on mld-listener-query not honored

Fri Feb 10 18:20:00 CET 2017

https://bugzilla.netfilter.org/show_bug.cgi?id=998

Phil Sutter <phil at nwl.cc> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |phil at nwl.cc
             Status|NEW                         |RESOLVED
         Resolution|---                         |WORKSFORME

--- Comment #1 from Phil Sutter <phil at nwl.cc> ---
I can't reproduce this issue. Here's what I tried on a current Fedora Rawhide:

table inet t {
    chain c {
        type filter hook input priority 0; policy accept;
        ip6 hoplimit 1 icmpv6 type mld-listener-query counter accept
    }
}

Then created the packet using scapy:

>>> p = IPv6(src='fec0:42::1', dst='fec0:42::5')/ICMPv6MLQuery()
>>> ep = Ether(src='fe:54:00:62:0e:9a', dst='52:54:00:62:0e:9a')/p
>>> sendp(ep, iface='vnetbr0')

Looking at the ruleset, I see the counter increments so the packet is
recognized by nftables.

I'll therefore close this ticket. If the problem still happens for you with
recent versions of nftables and kernel, feel free to reopen.

Cheers, Phil

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20170210/22de4d0d/attachment.html>