[Bug 998] firewallrule on mld-listener-query not honored

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Fri Feb 10 18:20:00 CET 2017


Phil Sutter <phil at nwl.cc> changed:

           What    |Removed                     |Added
                 CC|                            |phil at nwl.cc
             Status|NEW                         |RESOLVED
         Resolution|---                         |WORKSFORME

--- Comment #1 from Phil Sutter <phil at nwl.cc> ---
I can't reproduce this issue. Here's what I tried on a current Fedora Rawhide:

table inet t {
    chain c {
        type filter hook input priority 0; policy accept;
        ip6 hoplimit 1 icmpv6 type mld-listener-query counter accept

Then created the packet using scapy:

>>> p = IPv6(src='fec0:42::1', dst='fec0:42::5')/ICMPv6MLQuery()
>>> ep = Ether(src='fe:54:00:62:0e:9a', dst='52:54:00:62:0e:9a')/p
>>> sendp(ep, iface='vnetbr0')

Looking at the ruleset, I see the counter increments so the packet is
recognized by nftables.

I'll therefore close this ticket. If the problem still happens for you with
recent versions of nftables and kernel, feel free to reopen.

Cheers, Phil

You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20170210/22de4d0d/attachment.html>

More information about the netfilter-buglog mailing list