Public bug reported:
Starting from linux-image-6.8.0-1024-nvidia (and now 1025 as well), I
receive an error when loading the following sequence of iptables rules:
awg set warp0 fwmark 1
iptables -A OUTPUT -t mangle -m owner --uid-owner danted1 -m mark --mark 0 ! -d
localhost -j MARK --set-mark 217
iptables -A OUTPUT -t mangle -m owner --uid-owner tinyproxy -m mark --mark 0 !
-d localhost -j MARK --set-mark 227
ip6tables -A OUTPUT -t mangle -m owner --uid-owner danted1 -m mark --mark 0 !
-d ip6-localhost -j MARK --set-mark 217
ip6tables -A OUTPUT -t mangle -m owner --uid-owner tinyproxy -m mark --mark 0 !
-d ip6-localhost -j MARK --set-mark 227
ip rule add fwmark 217 table 217
ip rule add fwmark 227 table 217
ip -6 rule add fwmark 217 table 217
ip -6 rule add fwmark 227 table 217
ip6tables v1.8.7 (nf_tables): unknown option "--set-mark"
Try `ip6tables -h' or 'ip6tables --help' for more information.
Likely the errors refer to the rules on lines 4 or 5 above. Interesting
that only ip6tables rule triggers the error, while iptables apparently
passes correctly.
These rules are used to force all the traffic on certain local proxy
servers to go through a VPN interface. They are located in the interface
.conf file, so they are applied automatically when the interface is set
up (and now this fails making the VPN interface to not load).
Everything worked OK on nvidia kernel versions 1023 and before.
Everything still works on another machine running the mainline (generic)
kernel.
** Affects: linux-signed-nvidia-6.8 (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-signed-nvidia-6.8 in Ubuntu.
https://bugs.launchpad.net/bugs/2106326
Title:
ip6tables option --set-mark not working with linux-
image-6.8.0-1024-nvidia and above
Status in linux-signed-nvidia-6.8 package in Ubuntu:
New
Bug description:
Starting from linux-image-6.8.0-1024-nvidia (and now 1025 as well), I
receive an error when loading the following sequence of iptables
rules:
awg set warp0 fwmark 1
iptables -A OUTPUT -t mangle -m owner --uid-owner danted1 -m mark --mark 0 !
-d localhost -j MARK --set-mark 217
iptables -A OUTPUT -t mangle -m owner --uid-owner tinyproxy -m mark --mark 0
! -d localhost -j MARK --set-mark 227
ip6tables -A OUTPUT -t mangle -m owner --uid-owner danted1 -m mark --mark 0 !
-d ip6-localhost -j MARK --set-mark 217
ip6tables -A OUTPUT -t mangle -m owner --uid-owner tinyproxy -m mark --mark 0
! -d ip6-localhost -j MARK --set-mark 227
ip rule add fwmark 217 table 217
ip rule add fwmark 227 table 217
ip -6 rule add fwmark 217 table 217
ip -6 rule add fwmark 227 table 217
ip6tables v1.8.7 (nf_tables): unknown option "--set-mark"
Try `ip6tables -h' or 'ip6tables --help' for more information.
Likely the errors refer to the rules on lines 4 or 5 above.
Interesting that only ip6tables rule triggers the error, while
iptables apparently passes correctly.
These rules are used to force all the traffic on certain local proxy
servers to go through a VPN interface. They are located in the
interface .conf file, so they are applied automatically when the
interface is set up (and now this fails making the VPN interface to
not load).
Everything worked OK on nvidia kernel versions 1023 and before.
Everything still works on another machine running the mainline
(generic) kernel.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-signed-nvidia-6.8/+bug/2106326/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
