[Bug 1398] New: tproxy rule is not matched for ip6

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Thu Jan 16 10:26:29 CET 2020


https://bugzilla.netfilter.org/show_bug.cgi?id=1398

            Bug ID: 1398
           Summary: tproxy rule is not matched for ip6
           Product: nftables
           Version: unspecified
          Hardware: x86_64
                OS: Ubuntu
            Status: NEW
          Severity: normal
          Priority: P5
         Component: kernel
          Assignee: pablo at netfilter.org
          Reporter: m1588m at gmail.com

All rules were created at the same time, however the rule with tproxy verdict
is not matched for some reason:

nft list table inet nat
table inet nat {
    chain divert {
        type filter hook prerouting priority mangle; policy accept;
        ip6 version 6 udp dport 53 counter packets 5 bytes 470
        ip6 version 6 udp dport 53 tproxy ip6 to :5304 counter packets 0 bytes
0
        ip6 version 6 udp dport 53 counter packets 5 bytes 470 accept
    }
}

Tested on ubuntu linux kernel 4.20.17-042017-generic and nft 20190515 snapshot.

Please, advice, what are the next steps to narrow down the root cause.

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200116/5ad2de80/attachment.html>


More information about the netfilter-buglog mailing list