Bug 219397

Summary: [6.6.57] NFLOG issue with ipv6 iptables rules
Product: Networking Reporter: yannick.martin+kernelorg
Component: Netfilter/IptablesAssignee: networking_netfilter-iptables (networking_netfilter-iptables)
Status: NEW ---    
Severity: normal CC: regressions
Priority: P3    
Hardware: All   
OS: Linux   
Kernel Version: 6.6.57 Subsystem:
Regression: No Bisected commit-id:

Description yannick.martin+kernelorg 2024-10-18 16:00:02 UTC 
Since 6.6.57, I have the following issue:

ip6tables -A INPUT -j NFLOG --nflog-group 1 --nflog-prefix "DROP"
Warning: Extension NFLOG revision 0 not supported, missing kernel module?

Regarding diff https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/diff/net/netfilter/xt_NFLOG.c?id=v6.6.57&id2=v6.6.56

I wonder if the issue is not related to the change in ipv6 part:
+ .family     = NFPROTO_IPV4,
instead of:
+ .family     = NFPROTO_IPV6,
Comment 1 The Linux kernel's regression tracker (Thorsten Leemhuis) 2024-10-22 08:09:33 UTC 
Not my area of expertise, but from a quick look is seems to be a known
problem due to some typos and people are working on a fix here:

https://lore.kernel.org/all/20241021094536.81487-1-pablo@netfilter.org/