Red Hat Bugzilla – Bug 815555
system-config-firewall is writing ipv6 rules to ipv4 iptables config
Last modified: 2012-05-02 00:51:30 EDT
Description of problem:
After I generate a firewall configuration using system-config-firewall, iptables cannot start due to an IPv6 rule:
-A INPUT -m state --state NEW -m udp -p udp --dport 546 -d fe80::/64 -j ACCEPT
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Use system with no existing iptables config
2. Go through wizard to create desktop firewall config
3. apply new config
iptables fails with error on line with IPv6 rule
IPv6 rules are only in ipv6tables config
This is on a system that had firewalld installed and running by default at install time
system-config-firewall-1.2.29-7.fc17 has been submitted as an update for Fedora 17.
* should fix your issue,
* was pushed to the Fedora 17 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing system-config-firewall-1.2.29-7.fc17'
as soon as you are able to.
Please go to the following url:
then log in and leave karma (feedback).
retried with the new build of system-config-firewall - the IPv4 iptables rules are now free of IPv6 rules
system-config-firewall-1.2.29-7.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.