Displaying 20 results from an estimated 20000 matches similar to: "[Bug 616] Duplicate rules for multi-homed hostnames. IPv4 and IPv6 inconsistent treatment."
2009 Oct 20
1
[Bug 616] New: Duplicate rules for multi-homed hostnames. IPv4 and IPv6 inconsistent treatment.
http://bugzilla.netfilter.org/show_bug.cgi?id=616
Summary: Duplicate rules for multi-homed hostnames. IPv4 and IPv6
inconsistent treatment.
Product: iptables
Version: unspecified
Platform: i386
OS/Version: All
Status: NEW
Severity: minor
Priority: P4
Component: iptables
2013 Jul 09
0
[Bug 616] Duplicate rules for multi-homed hostnames. IPv4 and IPv6 inconsistent treatment.
https://bugzilla.netfilter.org/show_bug.cgi?id=616
Phil Oester <netfilter at linuxace.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Resolution| |WONTFIX
--- Comment #10 from Phil Oester
2013 Jul 09
0
[Bug 616] Duplicate rules for multi-homed hostnames. IPv4 and IPv6 inconsistent treatment.
https://bugzilla.netfilter.org/show_bug.cgi?id=616
--- Comment #5 from - <kd6lvw at yahoo.com> 2013-07-09 03:45:06 CEST ---
Re: Comment #4. One doesn't know what the addresses are until they are
retrieved from the DNS. The point is that the routines which generate the
rules are NOT checking the values AFTER the CIDR netmask is applied to
eliminate POST-MASK duplicate answers. The
2013 Jul 09
0
[Bug 616] Duplicate rules for multi-homed hostnames. IPv4 and IPv6 inconsistent treatment.
https://bugzilla.netfilter.org/show_bug.cgi?id=616
--- Comment #7 from - <kd6lvw at yahoo.com> 2013-07-09 09:35:30 CEST ---
Re: Comment #6 - It is up to the author of the ruleset to determine policy. It
is the duty of the software to properly execute that policy. Here, the
software fails to do so because it produces duplicate redundant rules which are
never used.
Note that iptables-save
2013 Jul 09
0
[Bug 616] Duplicate rules for multi-homed hostnames. IPv4 and IPv6 inconsistent treatment.
https://bugzilla.netfilter.org/show_bug.cgi?id=616
--- Comment #11 from - <kd6lvw at yahoo.com> 2013-07-09 21:48:05 CEST ---
I fully disagree that the addition of duplicate rules that will never be
reached is part of the design. As a waste of memory allocation, it is
inefficient and therefore incorrect. The use of a hostname in place of an IP
address literal should not have any effect in
2013 Jul 09
0
[Bug 616] Duplicate rules for multi-homed hostnames. IPv4 and IPv6 inconsistent treatment.
https://bugzilla.netfilter.org/show_bug.cgi?id=616
--- Comment #8 from Phil Oester <netfilter at linuxace.com> 2013-07-09 15:56:45 CEST ---
(In reply to comment #7)
> It is the duty of the software to properly execute that policy. Here, the
> software fails to do so because it produces duplicate redundant rules which are
> never used.
And where is it documented that the software
2013 Jun 21
0
[Bug 616] Duplicate rules for multi-homed hostnames. IPv4 and IPv6 inconsistent treatment.
https://bugzilla.netfilter.org/show_bug.cgi?id=616
Phil Oester <netfilter at linuxace.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |netfilter at linuxace.com
--- Comment #3 from Phil Oester <netfilter at linuxace.com> 2013-06-21
2013 Jul 08
0
[Bug 616] Duplicate rules for multi-homed hostnames. IPv4 and IPv6 inconsistent treatment.
https://bugzilla.netfilter.org/show_bug.cgi?id=616
--- Comment #4 from Phil Oester <netfilter at linuxace.com> 2013-07-08 23:33:07 CEST ---
As noted, #2 is solved already. Also, /128 will no longer print (commit
945353a2).
But your #1 makes little sense to me: discovery.razor.cloudmark.com/22. How
do you know that EVERY IP returned from a DNS lookup is always going to be a
/22 mask?
2013 Jul 09
0
[Bug 616] Duplicate rules for multi-homed hostnames. IPv4 and IPv6 inconsistent treatment.
https://bugzilla.netfilter.org/show_bug.cgi?id=616
--- Comment #6 from Phil Oester <netfilter at linuxace.com> 2013-07-09 03:50:27 CEST ---
Yes, I fully understand what is happening in the one specific example you have
provided. However you need to answer what happens if Cloudmark suddenly
decides to add an IP _OUTSIDE_ of that /22 that is assigned to them. Let's say
they open a new
2010 Jan 19
1
[Bug 630] New: Enhancement: Allow rules to specify ICMP type ranges.
http://bugzilla.netfilter.org/show_bug.cgi?id=630
Summary: Enhancement: Allow rules to specify ICMP type ranges.
Product: iptables
Version: unspecified
Platform: All
URL: http://www.ietf.org/rfc/rfc4890.txt
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P5
Component: ip6tables
2014 May 07
1
[Bug 919] New: ah: --reserver is not supported (ipv4 and ipv6)
https://bugzilla.netfilter.org/show_bug.cgi?id=919
Summary: ah: --reserver is not supported (ipv4 and ipv6)
Product: nftables
Version: unspecified
Platform: x86_64
OS/Version: Debian GNU/Linux
Status: NEW
Severity: normal
Priority: P5
Component: nft
AssignedTo: pablo at netfilter.org
2013 Aug 12
2
[Bug 841] New: Specifying netmask option when creating ipv6 hash:ip is inconsistent
https://bugzilla.netfilter.org/show_bug.cgi?id=841
Summary: Specifying netmask option when creating ipv6 hash:ip
is inconsistent
Product: ipset
Version: unspecified
Platform: All
OS/Version: All
Status: NEW
Severity: minor
Priority: P5
Component: default
AssignedTo:
2009 Jun 07
2
[Bug 597] New: ip6tables connlimit - cannot set CIDR greater than 32 (includes fix)
http://bugzilla.netfilter.org/show_bug.cgi?id=597
Summary: ip6tables connlimit - cannot set CIDR greater than 32
(includes fix)
Product: iptables
Version: unspecified
Platform: All
OS/Version: All
Status: NEW
Severity: major
Priority: P1
Component: ip6tables
AssignedTo: laforge
2020 Mar 12
3
[Bug 1413] New: Inconsistent EBUSY errors when adding a duplicate element to a map
https://bugzilla.netfilter.org/show_bug.cgi?id=1413
Bug ID: 1413
Summary: Inconsistent EBUSY errors when adding a duplicate
element to a map
Product: nftables
Version: unspecified
Hardware: x86_64
OS: Debian GNU/Linux
Status: NEW
Severity: normal
Priority: P5
2020 May 18
1
Best practice multi-homed AD DC
On Mon, May 18, 2020 at 2:44 AM Rowland penny via samba <
samba at lists.samba.org> wrote:
> On 17/05/2020 23:10, Michael Jones wrote:
> > Why?
> Amongst others, you may get:
>
> Slow / Failed logins
> Replication issues
> Group policy access issues
> login script issues
>
> A multi-homed DC (for whatever reason) is a bad idea.
>
> Rowland
>
I
2020 May 17
2
Best practice multi-homed AD DC
Dear all,
as I am currently planning a network with Samba AD DC I was wondering if
you can recommend any best practice for a multi-homed AD DC.
My current plan is to have one NIC for Samba services and a second one
dedicated to management functions (e.g. SSH) on a separate network
restricted to admin users.
In a testbed scenario I already discovered that once both adapters exist,
samba seems to
2020 May 17
3
Best practice multi-homed AD DC
On Sun, May 17, 2020 at 1:43 PM Rowland penny via samba <
samba at lists.samba.org> wrote:
> On 17/05/2020 19:30, Johannes Engel via samba wrote:
> > Dear all,
> >
> > as I am currently planning a network with Samba AD DC I was wondering if
> > you can recommend any best practice for a multi-homed AD DC.
>
> Best practise is: do not multi-home a DC.
>
1998 Oct 13
0
Bizarre multi-homed name resolution with nmbd?
Hi,
I connected a multi-homed Win95 machine (carrot, see below) to two
networks (ankh-net and morpork-net) which a multi-homed Linux machine
running Samba 1.9.18p10 (or whatever the latest <2 is) was also connected
to (vimes) and wanted to see which of the two interfaces Win95 would
pick...
--------------------------------- ankh-net 134.225.241.0/24
| |
2008 Oct 14
1
GSSAPI Key Exchange on multi-homed host
>From a security standpoint, if the default keytab (/etc/krb5.keytab)
contains only ONE principal, does it matter if GSSAPIStrictAcceptorCheck
is set to "yes" or "no"?
My company uses an internally built OpenSSH package that includes the
GSSAPI Key Exchange patch. Because we have 1000s of hosts, we need to use
a "standard" sshd_config file that works for the
2003 Jul 26
0
Problems with chan_sip on multi-homed hosts
Hey all,
I'm experiencing a problem with chan_sip on a multi-homed machine.
The machine has 1 interface to the rest of the world and 1 interface
on a local network. The local network has public IP-addresses, though,
and the IP-addresses of both interfaces are reachable from the outside
world, but by default, outgoing traffic from that machine to the outside
world will have the IP-address of