Your message dated Thu, 26 Aug 2021 10:30:43 +0100
with message-id <YSdfQ97/[email protected]>
and subject line Closing bug report
has caused the Debian Bug report #625295,
regarding xtables-addons-source: ipv4options module doesn't match packets
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
625295: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=625295
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: xtables-addons-source
Version: 1.26-2
Severity: normal

Hi,

either I'm misunderstanding how to use it, either the ipv4options module
doesn't work.

The rule I'm using :
iptables -A FORWARD -m ipv4options --flags timestamp,ssrr,lsrr --any -j
DROP

Then test timestamp using hping3 :
sudo hping3 --fast -c 3 -n -S -p 80 --tcp-timestamp $host

(the host is correctly answering on port 80).
One can see with a packet sniffer (tshark for instance) that the packets
indeed have the timestamp option turned on. But the rule's counter stays
at 0, the packets continue their journey into the filtering rules.

I tried matching only the timestamp (without --any), or using an exact
match (nop,timestamp, without the --any flag), to no avail.

Cheers,

-- System Information:
Debian Release: 6.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-5-686-bigmem (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages xtables-addons-source depends on:
ii  bzip2                         1.0.5-6    high-quality block-sorting file co
ii  debhelper                     8.0.0      helper programs for debian/rules
ii  iptables-dev                  1.4.8-3    iptables development files
ii  make                          3.81-8     An utility for Directing compilati
ii  module-assistant              0.11.3     tool to make module package creati
ii  pkg-config                    0.25-1.1   manage compile and link flags for 

xtables-addons-source recommends no packages.

xtables-addons-source suggests no packages.

-- no debconf information



--- End Message ---
--- Begin Message ---
The bug report was the result of a misunderstanding on the part of the
submitter which I have hopefully corrected.

J.

Attachment: signature.asc
Description: PGP signature


--- End Message ---

Reply via email to