From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0rc1) Gecko/20020417

Description of problem:
'ip6tables-save' yields the following output:

# Generated by ip6tables-save v1.2.5 on Mon May 20 14:13:16 2002
*filter
:INPUT ACCEPT [32:3072]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -s ::/0 -d ::/0 -i eth0 -p tcp -m tcp --dport 22 SYN/SYN,ACK,URG-j ACCEPT
-A INPUT -s ::/0 -d ::/0 -i eth0 -p tcp -m tcp --dport 993 SYN/SYN,ACK,URG-j ACCEPT
-A INPUT -s ::/0 -d ::/0 -i eth0 -p tcp -m tcp SYN/SYN-j DROP
-A INPUT -s ::/0 -d ::/0 -i eth0 -p udp -j DROP
COMMIT
# Completed on Mon May 20 14:13:16 2002

There are two apparent problems (which ip6tables-restore complains about):

1. No space between the TCP flags and -j
2. No switch to specify beginning of TCP flags

Below is the output from 'ip6tables -L -n'
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp      ::/0                 ::/0               tcp dpt:22
flags:0x32/0x02
ACCEPT     tcp      ::/0                 ::/0               tcp dpt:993
flags:0x32/0x02
DROP       tcp      ::/0                 ::/0               tcp flags:0x02/0x02
DROP       udp      ::/0                 ::/0

Chain FORWARD (policy DROP)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination



Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. /sbin/ip6tables -A INPUT -i eth0 -p tcp --syn -j DROP
2. /sbin/ip6tables-save
3.
	

Actual Results:  ip6tables-save generates invalid output

Expected Results:  ip6tables-save should always generate something that
iptables-restore can read

Additional info:

iptables-ipv6-1.2.5-3