Mailinglist Archive: opensuse-bugs (4295 mails)

< Previous Next >
[Bug 954790] SuSEfirewall2: no input of IPv6 multicast listener reports allowed
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Tue, 16 May 2017 13:20:19 +0000
  • Message-id: <bug-954790-21960-MMjP1XUGvR@http.bugzilla.suse.com/>
http://bugzilla.suse.com/show_bug.cgi?id=954790
http://bugzilla.suse.com/show_bug.cgi?id=954790#c4

Matthias Gerstner <matthias.gerstner@xxxxxxxx> changed:

What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |INVALID

--- Comment #4 from Matthias Gerstner <matthias.gerstner@xxxxxxxx> ---
Since there was no reply I think the issue is no longer valid.

Current SuSEfirewall2 in openSUSE should allow input of IPv6 multicast
listener reports. Connection tracking for these should be implemented in the
kernel. Output of the query should always be allowed. The reports should be
allowed by means of connection tracking.

The connection tracking is setup by SuSEfirewall2 in function
allow_basic_established() by adding an iptables rule like this:

$IP6TABLES -A INPUT -j "$ACCEPT" -p icmpv6 -m conntrack --ctstate RELATED

Closing this bug as INVALID.

--
You are receiving this mail because:
You are on the CC list for the bug.
< Previous Next >