[prev in list] [next in list] [prev in thread] [next in thread] 

List:       netfilter
Subject:    ip6tables --set-mark drops/distorts link-local packets
From:       Georgios Amanakis <gamanakis () gmail ! com>
Date:       2016-06-03 16:09:05
Message-ID: CACvFP_jMmuDPkN+ynW3vrZecdTPFGB6g=s9q5ZX1T_C8rL=3nQ () mail ! gmail ! com
[Download RAW message or body]

Hi all,

I have already posted this in the lartc mailing list but I think the
netfilter one is more suitable.

I discovered that marking IPv6 packets with ip6tables results in link-
local traffic being dropped/distorted. Specifically link-local UDP
traffic on ports 546-547 (necessary for DHCPv6) fails in this
situation. I provide a script for testing purposes:

-----------8<------------
#!/usr/bin/sh

ip6tables -t mangle -F
ip6tables -t mangle -A OUTPUT -o $oif -j MARK --set-mark 3

exit 0
-----------8<------------

Is this behavior known/expected? My search didn't reveal any relevant
results on the web.
I am running Archlinux, uname -a:
"Linux a-router 4.4.11-1-lts #1 SMP Thu May 19 21:03:24 CEST 2016
x86_64 GNU/Linux"

George
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[prev in list] [next in list] [prev in thread] [next in thread]