Red Hat Bugzilla – Bug 303851
ip6tables startup complains "never matched protocol: 51"
Last modified: 2008-02-14 11:55:18 EST
Description of problem:
When starting ip6tables with a default /etc/sysconfig/ip6tables
then the following shows up:
Applying ip6tables firewall rules: ip6_tables: (C) 2000-2006 Netfilter Core Team
Warning: never matched protocol: 51. use extension match instead.
The following line is obviously a problem:
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
although it is happily accepted by iptables.
Actually I do not recall seeing that earlier and now that message
shows up in F7, FC6 and rawhide. Kernel changes?
Version-Release number of selected component (if applicable):
always on a startup
Assigning to system-config-securitylevel.
system-config-securitylevel-1.7.0-6.fc7 has been pushed to the Fedora 7 testing repository. If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with
su -c 'yum --enablerepo=updates-testing update system-config-securitylevel'
The same thing happens in Fedora 8.
system-config-securitylevel-1.7.0-6.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
I am getting this error on my Fedora 8 startup (so I'm not sure if it's captured
by a log). As in the original report, there is a port 51 line in
/etc/sysconfig/ip6tables that is probably causing it. Also:
> rpm -q system-config-firewall
Since this is now in a different component and F level, should I open a new bug?
Please use "lokkit -q" to update your firewall configuration and the problem
should be gone.
(In reply to comment #6)
> Please use "lokkit -q" to update your firewall configuration and the problem
> should be gone.
So it did. Thank you.