On Fri, 5 Jun 2009 19:51:32 +0200
Max Kellermann <m...@duempel.org> wrote:
> What's your ferm input? Why do you think this is a ferm bug?
normal:
ferm:
interface lo outerface lo ACCEPT;
iptables-save:
-A INPUT --in-interface lo --out-interface lo --jump ACCEPT
bug:
ferm:
chain ftp_whitelist {
saddr ($WL_HOSTS) mod recent remove name FTP rsource ACCEPT;
}
iptables-save:
-A ftp_whitelist --source ::1/128 --match recent --remove --name FTP --rsource
--jump ACCEPT
-A ftp_whitelist --source 192.168.1.1/24 --match recent --remove --name FTP
--rsource --jump ACCEPT
-A ftp_whitelist --source fe80::208:c7ff:febb:7df8/64 --match recent --remove
--name FTP --rsource --jump ACCEPT
Why would it insert that?
It's inside the "domain ip { ... }" thing, and was generated from an
iptables-save dump. From what I've read and understood from the man
page, anything inside that "domain ip {...}" part is supposed to be
IPv4; so why would it insert IPv6 stuff? I don't have anything even
vaguely related to IPv6 in either the dump, or the ferm.conf. I also
just checked
That's how I know it's a bug.
Maybe I'm reading into your question too much, be it seemed to me you
took it personally that I filed a bug on this. It isn't ;).
thanks,
simon
--
Only when the last tree has died and the last river been poisoned and
the last fish been caught will we realize we cannot eat money.
-- Cree Proverb
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
