[Bug 729] New: iptables + ipset rules apply but nothing go to the chain
bugzilla-daemon at bugzilla.netfilter.org
bugzilla-daemon at bugzilla.netfilter.org
Mon Jul 25 00:04:20 CEST 2011
http://bugzilla.netfilter.org/show_bug.cgi?id=729
Summary: iptables + ipset rules apply but nothing go to the chain
Product: iptables
Version: unspecified
Platform: x86_64
OS/Version: Debian GNU/Linux
Status: NEW
Severity: critical
Priority: P2
Component: iptables
AssignedTo: netfilter-buglog at lists.netfilter.org
ReportedBy: onorua at gmail.com
Estimated Hours: 0.0
What I have:
~ # iptables -V
iptables v1.4.12
~ # ipset -V
ipset v6.8, protocol version: 6
~ # uname -r
2.6.39.3-bg
eth1 Link encap:Ethernet HWaddr 00:26:82:03:7c:3e
inet addr:193.43.210.32 Bcast:193.43.210.255 Mask:255.255.255.0
~ # ipset -L iUser
Name: iUser
Type: bitmap:ip,mac
Header: range 193.43.210.10-193.43.210.215
Size in memory: 3408
References: 3
Members:
193.43.210.32,00:26:82:03:7C:3E
What I do:
~ # iptables -p icmp -A INPUT -m set --match-set iUser src -j DROP
Then run ping from the host, and what I get:
~ # iptables -nvL INPUT
Chain INPUT (policy ACCEPT 356 packets, 41541 bytes)
pkts bytes target prot opt in out source destination
0 0 DROP icmp -- * * 0.0.0.0/0 0.0.0.0/0
match-set iUser src
Seems to me, that ipset with iptables stopped to work at all. There is nothing
related to this issue in log files. Please let me know what other info would be
useful and I'll provide you with.
--
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are watching all bug changes.
More information about the netfilter-buglog
mailing list