219038 – ipv4mapped: echo to /proc/net/xt_recent "not understood"

Bug 219038 - ipv4mapped: echo to /proc/net/xt_recent "not understood"

Summary: ipv4mapped: echo to /proc/net/xt_recent "not understood"

Status:	NEW

Alias:	None

Product:	Networking
Classification:	Unclassified
Component:	Netfilter/Iptables (show other bugs)
Hardware:	All Linux

Importance:	P3 normal
Assignee:	networking_netfilter-iptables@kernel-bugs.osdl.org

URL:
Keywords:

Depends on:
Blocks:

Reported:	2024-07-14 01:08 UTC by Steffen Nurpmeso
Modified:	2024-07-16 21:12 UTC (History)
CC List:	1 user (show)

See Also:
Kernel Version:
Subsystem:
Regression:	No
Bisected commit-id:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Steffen Nurpmeso 2024-07-14 01:08:18 UTC

Hello.

  printf '%s\n' "+::ffff:80.187.103.83" > /proc/net/xt_recent/alien_super

results in

  < /proc/net/xt_recent/alien_super awk '{print $1}'
  src=0000:0000:0000:0000:0000:ffff:50bb:6755

But the actual IPv4 address is not actually blocked from the firewall that does

        add_rule -m recent --name alien_super --rcheck \
                -m recent --name alien_super --update --seconds 84000 --reap -j DROP

(where "add_rule" is a sh(1)ell function that does the expected).
This happens on both AlpineLinux edge with virtual kernel as well as with self-compiled

  Linux kent 6.1.97-ideapad #1 SMP PREEMPT_DYNAMIC Sat Jul  6 21:43:14 CEST 2024 x86_64 GNU/Linux

Comment 1 Artem S. Tashkinov 2024-07-16 07:52:44 UTC

Could you try kernel 6.10 or 6.6.40?

Comment 2 Steffen Nurpmeso 2024-07-16 21:12:57 UTC

6.6.40 does not change the situation.

Note You need to log in before you can comment on or make changes to this bug.