219397 – [6.6.57] NFLOG issue with ipv6 iptables rules

Bug 219397 - [6.6.57] NFLOG issue with ipv6 iptables rules

Summary: [6.6.57] NFLOG issue with ipv6 iptables rules

Status:	NEW

Alias:	None

Product:	Networking
Classification:	Unclassified
Component:	Netfilter/Iptables (show other bugs)
Hardware:	All Linux

Importance:	P3 normal
Assignee:	networking_netfilter-iptables@kernel-bugs.osdl.org

URL:
Keywords:

Depends on:
Blocks:

Reported:	2024-10-18 16:00 UTC by yannick.martin+kernelorg
Modified:	2024-10-22 08:09 UTC (History)
CC List:	1 user (show)

See Also:
Kernel Version:	6.6.57
Subsystem:
Regression:	No
Bisected commit-id:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description yannick.martin+kernelorg 2024-10-18 16:00:02 UTC

Since 6.6.57, I have the following issue:

ip6tables -A INPUT -j NFLOG --nflog-group 1 --nflog-prefix "DROP"
Warning: Extension NFLOG revision 0 not supported, missing kernel module?

Regarding diff https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/diff/net/netfilter/xt_NFLOG.c?id=v6.6.57&id2=v6.6.56

I wonder if the issue is not related to the change in ipv6 part:
+ .family     = NFPROTO_IPV4,
instead of:
+ .family     = NFPROTO_IPV6,

Comment 1 The Linux kernel's regression tracker (Thorsten Leemhuis) 2024-10-22 08:09:33 UTC

Not my area of expertise, but from a quick look is seems to be a known
problem due to some typos and people are working on a fix here:

https://lore.kernel.org/all/20241021094536.81487-1-pablo@netfilter.org/

Note You need to log in before you can comment on or make changes to this bug.