[FS#500] firewall3: missing targets with IPv6 NAT
LEDE Bugs
lede-bugs at lists.infradead.org
Sun Feb 12 10:55:27 PST 2017
The following task has a new comment added:
FS#500 - firewall3: missing targets with IPv6 NAT
User who did this - Hannu Nyman (hnyman)
----------
I think that the firewall fw3 only defines & creates those prerouting/postrouting chains for ipv4, and then later some other part of the firewall (zone rules creation?) finds also the ipv6 NAT table (due to nat6 being installed) and tries to attach similar rules to it as for the ipv4 NAT table, but it fails due to the missing chains.
I think that the definition of the pre/postrouting chains for only ipv4 "family" can be seen from:
https://git.lede-project.org/?p=project/firewall3.git;a=blob;f=zones.c;hb=HEAD#l26
https://git.lede-project.org/?p=project/firewall3.git;a=blob;f=defaults.c;hb=HEAD#l25
IPv6 NAT being installed is so rare, that it seems to expose a bug in the firewall code.
----------
More information can be found at the following URL:
https://bugs.lede-project.org/index.php?do=details&task_id=500#comment1762
More information about the lede-bugs
mailing list