[Bug 1730] nft does not handle IPv6 addresses with embedded IPv4 addresses
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Mon Jan 8 13:16:27 CET 2024
https://bugzilla.netfilter.org/show_bug.cgi?id=1730
--- Comment #5 from Pablo Neira Ayuso <pablo at netfilter.org> ---
(In reply to Eric Fahlgren from comment #3)
> Yes, I duplicated your results, but was puzzled that the IPv4-mapped address
> was able to pass through the parser, which I would not expect if the same
> flex rule is used for all address tokens.
Because it only supports for RFC-compliant IPv4-Mapped IPv6 addresses.
See:
commit fd513de78bc0133f6ba61087be168e2a8d067107
Author: Pablo Neira Ayuso <pablo at netfilter.org>
Date: Mon Oct 9 01:40:36 2017 +0200
scanner: IPv4-Mapped IPv6 addresses support
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20240108/b835d0c7/attachment.html>
More information about the netfilter-buglog
mailing list