Displaying 1 result from an estimated 1 matches for "foo_chain".
Did you mean:
bio_chain
2013 Aug 13
4
[Bug 842] New: Addition of iptables rule referencing an ipset of the wrong address family does not fail
...gnedTo: netfilter-buglog at lists.netfilter.org
ReportedBy: quentin at armitage.org.uk
Estimated Hours: 0.0
I can add an iptables rule that references an ipset of the wrong address
family, which doesn't seem sensible.
For example:
ipset create foo hash:ip family inet
ip6tables -A foo_chain -m set --match-set foo -j LOG
or
ipset create foo6 hash:ip family inet6
iptables -A foo_chain -m set --match-set foo6 -j LOG
or even more bizarrely:
ipset create foo hash:ip family inet
ipset add foo 1.2.3.4
ip6tables -A foo_chain -s 2001:35:1:2:3:4:5:6 -m set --match-set foo -j LOG
--
Configur...