From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2) Gecko/20021202 Description of problem: When using ip6tables to add rules in the FORWARD chain with a target of REJECT, it complains about the REJECT module not existing. The man page describes a REJECT target, so I was expecting it to be there. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1.ip6tables -A FORWARD -j reject Actual Results: ip6tables v1.2.6a: Couldn't load target `REJECT':/lib/iptables/libip6t_REJECT.so: cannot open shared object file: No such file or directory Try `ip6tables -h' or 'ip6tables --help' for more information. Expected Results: I expected a rule with a target of REJECT to appear in the FORWARD chain of the IPv6 filter table. Additional info:
The IPv6 REJECT target userspace extension module is built conditionally. That means, it is built only if the corresponding optional (and pending) Netfilter kernel patch has been applied to the kernel source. This doesn't seem to be the case with Red Hat's kernel (and FWIW, neither the kernel of other distributors, e.g. MandrakeSoft or Connectiva).
Apart from that, the iptables package spec file does not set KERNEL_DIR. Therefore, all kernel feature tests would fail, because iptables' Makefile falls back to KERNEL_DIR=/usr/src/linux which doesn't work with Red Hat Linux.
Since we don't add that patch, we probably won't build that feature.