Bug 184359 - ip6tables -L displays addresses in a wrong manner
ip6tables -L displays addresses in a wrong manner
Status: CLOSED WONTFIX
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: iptables (Show other bugs)
3.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Thomas Woerner
Ben Levenson
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-03-08 02:36 EST by Peter Bieringer
Modified: 2007-11-30 17:07 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-07-24 11:59:16 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Peter Bieringer 2006-03-08 02:36:45 EST
Description of problem:

ip6tables -L displays addresses in a wrong manner, confusing firewall
administrators.

Version-Release number of selected component (if applicable):

kernel-2.4.21-37.2.EL.jwltest.55
iptables-ipv6-1.2.8-12.3

How reproducible:

Always

Steps to Reproduce:
1. Create a test chain
# ip6tables -N test

2. Create rule
# ip6tables -A test  -p ipv6-icmp -s fe80::/10 -d ::/0              
--icmpv6-type neighbour-solicitation  -j ACCEPT --match hl --hl-eq 255

Actual results:
# ip6tables -vnL test
Chain test (0 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     icmpv6    *      *       fe80::ffc0::         ::/0      
        ipv6-icmp type 135 HL match HL == 255

-> note the strange/invalid source address  fe80::ffc0::


Expected results:
# ip6tables -vnL test
Chain test (0 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     icmpv6    *      *       fe80::/10            ::/0      
        ipv6-icmp type 135 HL match HL == 255


Additional info:
RHEL4 and FC4 works proper
Comment 1 Peter Bieringer 2007-04-11 08:39:16 EDT
Still the same using:
kernel-2.4.21-40.EL
iptables-ipv6-1.2.8-12.3
Comment 2 Thomas Woerner 2007-07-24 09:18:44 EDT
Can you please verify if this problem also happens with a newer iptables version?
Comment 3 Thomas Woerner 2007-07-24 11:59:16 EDT
This request was evaluated by Red Hat Engineering for inclusion in a Red
Hat Enterprise Linux maintenance release.

Red Hat does not currently plan to provide this change in a Red Hat Enterprise
Linux update release for currently deployed products.

With the goal of minimizing risk of change for deployed systems, and in
response to customer and partner requirements, Red Hat takes a conservative
approach when evaluating enhancements for inclusion in maintenance updates
for currently deployed products. The primary objectives of update releases
are to enable new hardware platform support and to resolve critical
defects.

However, Red Hat will further review this request for potential inclusion
in future major releases of Red Hat Enterprise Linux. 
Comment 4 Peter Bieringer 2007-07-25 05:12:40 EDT
About the closed NEEDINFO: yes, still happen on 
kernel-2.4.21-50.EL
iptables-ipv6-1.2.8-12.3

Note You need to log in before you can comment on or make changes to this bug.