I. Users of ufw with kernels that do not have ipv6 and/or ip6_tables
available see confusing error messages when enabling the firewall.
ip6_tables is not available in the -virtual kernel, as well as other
virtualization kernels. ufw does not require that ipv6 be available,
and the errors are not fatal with regard to ipv4 rules still working.
II. this has been fixed in 0.18.2 (will be uploaded after alpha
freeze). /etc/init.d/ufw has been adjusted to use 'ip6tables -L INPUT'
to check if ipv6 firewall support is available. Previously, ufw
attempted to detect ipv6 support by seeing it /proc/sys/net/ipv6
existed. This was not enough as some shipped kernels have ipv6 support,
but not ipv6 firewall (ie ip6_tables) support enabled. Checking the
return code of ' ip6tables -L INPUT' is a convenient check for both.
III. debdiff is attached that addresses this bug and bug #251355 (also
SRU candidate).
IV. TEST CASE
1. install -virtual kernel and reboot into it
2. sudo ufw enable (lot's of error output)
3. sudo /etc/init.d/ufw stop (lot's of error output)
4. sudo /etc/init.d/ufw restart (lot's of error output)
5. sudo /etc/init.d/ufw force-reload
V. It is believed there is no regression potential for this patch. See
bug #251355 for further discussion regarding it's changes.
** Changed in: ufw (Ubuntu Hardy)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
Status: New => Confirmed
--
ufw complains when ipv6 is blacklisted
https://bugs.launchpad.net/bugs/194844
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
