Hi Pablo, On Thu, Oct 18, 2018 at 1:53 PM Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: > > Hi Alin, > > On Thu, Oct 18, 2018 at 01:27:01PM +0200, Alin Nastac wrote: > > From: Alin Nastac <alin.nastac@xxxxxxxxx> > > > > nf_conntrack_proto_generic refuse to handle grev6 packets when > > NF_CT_PROTO_GRE is enabled, resulting in grev6 packets being > > categorized as INVALID. > > IIRC, this depends on the pptp helper, right? I'm telling this because > the PPTP helper is IPv4 only and in that case this will not help? > > Recent updates in nf-next removed the l3proto field. See: > > commit dd2934a95701576203b2f61e8ded4e4a2f9183ea > Author: Florian Westphal <fw@xxxxxxxxx> > Date: Mon Sep 17 12:02:54 2018 +0200 > > netfilter: conntrack: remove l3->l4 mapping information > > Which is part of what you want, right? That's right, all I need is a conntrack protocol handler for GRE over IPv6. Florian's solution looks more elegant.
