[pkg-netfilter-team] Bug#915627: iptables: ip6tables-restore v1.8.2 (nf_tables): unknown option "--icmpv6-type" Error occurred at line: 38

PatrikX3 alabard at gmail.com
Fri Dec 21 10:40:27 GMT 2018 

*It happens when I execute this:*

/usr/share/ufw/check-requirements

*Output - the fail is in the bold text
*

root at server:~# /usr/share/ufw/check-requirements
Has python: pass (binary: python2.7, version: 2.7.15+, py2)
Has iptables: pass
Has ip6tables: pass

Has /proc/net/dev: pass
Has /proc/net/if_inet6: pass

This script will now attempt to create various rules using the iptables
and ip6tables commands. This may result in module autoloading (eg, for
IPv6).
Proceed with checks (Y/n)? y
== IPv4 ==
Creating 'ufw-check-requirements'... done
Inserting RETURN at top of 'ufw-check-requirements'... done
TCP: pass
UDP: pass
destination port: pass
source port: pass
ACCEPT: pass
DROP: pass
REJECT: pass
LOG: pass
hashlimit: pass
limit: pass
ctstate (NEW): pass
ctstate (RELATED): pass
ctstate (ESTABLISHED): pass
ctstate (INVALID): pass
ctstate (new, recent set): pass
ctstate (new, recent update): pass
ctstate (new, limit): pass
interface (input): pass
interface (output): pass
multiport: pass
comment: pass
addrtype (LOCAL): pass
addrtype (MULTICAST): pass
addrtype (BROADCAST): pass
icmp (destination-unreachable): pass
icmp (source-quench): pass
icmp (time-exceeded): pass
icmp (parameter-problem): pass
icmp (echo-request): pass

== IPv6 ==
Creating 'ufw-check-requirements6'... done
Inserting RETURN at top of 'ufw-check-requirements6'... done
TCP: pass
UDP: pass
destination port: pass
source port: pass
ACCEPT: `pass
DROP: pass
REJECT: pass
LOG: pass
hashlimit: pass
limit: pass
ctstate (NEW): pass
ctstate (RELATED): pass
ctstate (ESTABLISHED): pass
ctstate (INVALID): pass
ctstate (new, recent set): pass
ctstate (new, recent update): pass
ctstate (new, limit): pass
interface (input): pass
interface (output): pass
multiport: pass
comment: pass
*icmpv6 (destination-unreachable): FAIL**
**error was: ip6tables v1.8.2 (nf_tables): unknown option "--icmpv6-type"**
**Try `ip6tables -h' or 'ip6tables --help' for more information.**
**icmpv6 (packet-too-big): FAIL**
**error was: ip6tables v1.8.2 (nf_tables): unknown option "--icmpv6-type"**
**Try `ip6tables -h' or 'ip6tables --help' for more information.**
**icmpv6 (time-exceeded): FAIL**
**error was: ip6tables v1.8.2 (nf_tables): unknown option "--icmpv6-type"**
**Try `ip6tables -h' or 'ip6tables --help' for more information.**
**icmpv6 (parameter-problem): FAIL**
**error was: ip6tables v1.8.2 (nf_tables): unknown option "--icmpv6-type"**
**Try `ip6tables -h' or 'ip6tables --help' for more information.**
**icmpv6 (echo-request): FAIL**
**error was: ip6tables v1.8.2 (nf_tables): unknown option "--icmpv6-type"**
**Try `ip6tables -h' or 'ip6tables --help' for more information.**
**icmpv6 with hl (neighbor-solicitation): FAIL**
**error was: ip6tables v1.8.2 (nf_tables): unknown option "--icmpv6-type"**
**Try `ip6tables -h' or 'ip6tables --help' for more information.**
**icmpv6 with hl (neighbor-advertisement): FAIL**
**error was: ip6tables v1.8.2 (nf_tables): unknown option "--icmpv6-type"**
**Try `ip6tables -h' or 'ip6tables --help' for more information.**
**icmpv6 with hl (router-solicitation): FAIL**
**error was: ip6tables v1.8.2 (nf_tables): unknown option "--icmpv6-type"**
**Try `ip6tables -h' or 'ip6tables --help' for more information.**
**icmpv6 with hl (router-advertisement): FAIL**
**error was: ip6tables v1.8.2 (nf_tables): unknown option "--icmpv6-type"**
**Try `ip6tables -h' or 'ip6tables --help' for more information.**
**ipv6 rt: pass**
**
**FAIL: check your kernel and that you have iptables >= 1.4.0*



On Wed, 05 Dec 2018 13:27:06 +0100 Patrik Laszlo wrote:


 > Package: iptables
 > Version: 1.8.2-2
 > Severity: normal
 >
 > Dear Maintainer,
 >
 > *** Reporter, please consider answering these questions, where 
appropriate ***
 >
 > * What led up to the situation?
 > I cannot use UFW, because as the subject says unknown option 
"--icmpv6-type".
 >
 > * What exactly did you do (or not do) that was effective (or
 > ineffective)?
 > After I updated everything to up to date in Debian Testing/Buster, I 
cannot use the UFW anymore.
 > ufw disable && ufw enable give that error
 >
 > * What was the outcome of this action?
 > UFW is not working now
 >
 > * What outcome did you expect instead?
 > It has been using the last 3 years with no problem with UFW
 >
 >
 > *** End of the template - remove these template lines ***
 >
 >
 > -- System Information:
 > Debian Release: buster/sid
 > APT prefers testing
 > APT policy: (500, 'testing')
 > Architecture: amd64 (x86_64)
 >
 > Kernel: Linux 4.15.0-2-amd64 (SMP w/8 CPU cores)
 > Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
 > Shell: /bin/sh linked to /bin/dash
 > Init: systemd (via /run/systemd/system)
 > LSM: AppArmor: enabled
 >
 > Versions of packages iptables depends on:
 > ii libc6 2.27-8
 > ii libip4tc0 1.8.2-2
 > ii libip6tc0 1.8.2-2
 > ii libiptc0 1.8.2-2
 > ii libmnl0 1.0.4-2
 > ii libnetfilter-conntrack3 1.0.7-1
 > ii libnfnetlink0 1.0.1-3+b1
 > ii libnftnl7 1.1.1-1
 > ii libxtables12 1.8.2-2
 >
 > iptables recommends no packages.
 >
 > Versions of packages iptables suggests:
 > ii kmod 25-2
 >
 > -- no debconf information
 >
 >

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-netfilter-team/attachments/20181221/8106c2a2/attachment-0001.html>

More information about the pkg-netfilter-team mailing list