Bug 815555 - system-config-firewall is writing ipv6 rules to ipv4 iptables config
system-config-firewall is writing ipv6 rules to ipv4 iptables config
Product: Fedora
Classification: Fedora
Component: system-config-firewall (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Thomas Woerner
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2012-04-23 16:30 EDT by Tim Flink
Modified: 2012-05-02 00:51 EDT (History)
2 users (show)

See Also:
Fixed In Version: system-config-firewall-1.2.29-7.fc17
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2012-05-02 00:51:30 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Tim Flink 2012-04-23 16:30:43 EDT
Description of problem:
After I generate a firewall configuration using system-config-firewall, iptables cannot start due to an IPv6 rule:

-A INPUT -m state --state NEW -m udp -p udp --dport 546 -d fe80::/64 -j ACCEPT

Version-Release number of selected component (if applicable):

How reproducible:
Every Time

Steps to Reproduce:
1. Use system with no existing iptables config
2. Go through wizard to create desktop firewall config
3. apply new config
Actual results:
iptables fails with error on line with IPv6 rule

Expected results:
IPv6 rules are only in ipv6tables config

Additional info:
This is on a system that had firewalld installed and running by default at install time
Comment 1 Fedora Update System 2012-04-23 17:29:56 EDT
system-config-firewall-1.2.29-7.fc17 has been submitted as an update for Fedora 17.
Comment 2 Fedora Update System 2012-04-23 23:19:53 EDT
Package system-config-firewall-1.2.29-7.fc17:
* should fix your issue,
* was pushed to the Fedora 17 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing system-config-firewall-1.2.29-7.fc17'
as soon as you are able to.
Please go to the following url:
then log in and leave karma (feedback).
Comment 3 Tim Flink 2012-04-24 01:05:13 EDT
retried with the new build of system-config-firewall - the IPv4 iptables rules are now free of IPv6 rules
Comment 4 Fedora Update System 2012-05-02 00:51:30 EDT
system-config-firewall-1.2.29-7.fc17 has been pushed to the Fedora 17 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.