Description of problem: the kernel lacks the ipv6 connection tracking module, statefull firewalling is not possible Version-Release number of selected component (if applicable): kernel-2.6.18-164.15.1.el5 How reproducible: every time Steps to Reproduce: 1. ip6tables -I OUTPUT -j ACCEPT 2. ip6tables -I INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT 3. ip6tables -A INPUT -j DROP Actual results: incoming IPv6 traffic gets dopped Expected results: incoming IPv6 traffic should get accepted in case the packet is a direct response of initially outbound IPv6 traffic Additional info: even though ip6tables has the correct code (.../iptables/libip6t_state.so) the kernel ignores it whatsoever, the problem is also very noticable in case the server is also a router (e.g. FORWARD table)
*** This bug has been marked as a duplicate of bug 232933 ***