On Fri, 13 Oct 2017, Walter H. wrote: > I have a virtual server at a hoster, where I have a full /64-prefix, so > I declared a few addeesses with special numbers ... > > e.g. pi = 3.141592653589 and the IPv6 address is > [prefix:3:1415:9265:3589] there is also a special number below 1, the > IPv6 [prefix:0:5772:1566:4901] > > now the bug: > > this works: > -A INPUT -i eth0 -d prefix::5772:1566:4901 -m tcp -p tcp --dport 25 -m > state --state NEW -j ACCEPT > > but this not: > -A INPUT -i eth0 -d prefix:0:5772:1566:4901 -m tcp -p tcp --dport 25 -m > state --state NEW -j ACCEPT An IPv6 address is represented as eight groups of four hexadecimal digits and '::' can be used to shorten just 0 fields. The first command works if the prefix contains four or less number of groups. The second command works only if the prefix contains exactly four number of groups. Best regards, Jozsef - E-mail : kadlec@xxxxxxxxxxxxxxxxx, kadlecsik.jozsef@xxxxxxxxxxxxx PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt Address : Wigner Research Centre for Physics, Hungarian Academy of Sciences H-1525 Budapest 114, POB. 49, Hungary -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
