[Pkg-utopia-maintainers] Bug#910068: firewalld: rich rules don't allow destination masks
Pavel Kreuzt
pkreuzt at gmail.com
Tue Oct 2 10:45:23 BST 2018
Package: firewalld
Version: 0.6.2-1
Severity: normal
Dear Maintainer,
issuing a rish rule that includes a mask sush as
# firewall-cmd --add-rich-rule='rule family="ipv4" destination address="239.0.0.0/8" accept'
results in an error:
ERROR: Failed to apply rules. A firewall reload might solve the issue if the firewall has been modified using ip*tables or ebtables.
ERROR: '/usr/sbin/nft add rule inet firewalld filter_IN_public_allow meta nfproto ipv4 ip6 daddr 239.0.0.0/8 accept' failed: Error: conflicting protocols specified: ip vs. ip6#012add rule inet firewalld filter_IN_public_allow meta nfproto ipv4 ip6 daddr 239.0.0.0/8 accept#012
This is already patched in Firewalld Github' master branch.
Versions of packages firewalld depends on:
ii dbus 1.12.10-1
ii gir1.2-glib-2.0 1.58.0-1
ii iptables 1.6.2-1.1
ii nftables 0.9.0-1
ii policykit-1 0.105-21
ii python3 3.6.6-1
ii python3-dbus 1.2.8-2+b1
ii python3-gi 3.30.1-1
ii python3-slip-dbus 0.6.5-2
Versions of packages firewalld recommends:
ii ebtables 2.0.10.4-5
ii ipset 6.34-1
firewalld suggests no packages.
-- Configuration Files:
/etc/firewalld/firewalld.conf [Errno 13] Permiso denegado: '/etc/firewalld/firewalld.conf'
/etc/firewalld/lockdown-whitelist.xml [Errno 13] Permiso denegado: '/etc/firewalld/lockdown-whitelist.xml'
-- no debconf information
More information about the Pkg-utopia-maintainers
mailing list