Modify

Opened 2 years ago

Last modified 2 years ago

#21426 new defect

15.05 ipv6 nat table can't find targets on TL703N

Reported by: anonymous Owned by: developers
Priority: normal Milestone:
Component: base system Version: Chaos Calmer 15.05
Keywords: firewall, ipv6 nat Cc:

Description

15.05 git comit 325e234 code, custom build image for TL703N.

I need ipv6 nat redirect. All needed modules are loaded. But no ipv6 nat table found in luci ipv6 firewall page.

/etc/init.d/firewall restart said:

  • Flushing IPv4 filter table
  • Flushing IPv4 nat table
  • Flushing IPv4 mangle table
  • Flushing IPv4 raw table
  • Flushing IPv6 filter table
  • Flushing IPv6 nat table
  • Flushing IPv6 mangle table
  • Flushing IPv6 raw table
  • Flushing conntrack table ...
  • Populating IPv4 filter table
    • Zone 'lan'
    • Zone 'wan'
    • Rule 'Allow-DHCP-Renew'
    • Rule 'Allow-Ping'
    • Rule 'Allow-IGMP'
    • Rule #7
    • Rule #8
    • Forward 'lan' -> 'wan'
  • Populating IPv4 nat table
    • Zone 'lan'
    • Zone 'wan'
  • Populating IPv4 mangle table
    • Zone 'lan'
    • Zone 'wan'
  • Populating IPv4 raw table
    • Zone 'lan'
    • Zone 'wan'
  • Populating IPv6 filter table
    • Zone 'lan'
    • Zone 'wan'
    • Rule 'Allow-DHCPv6'
    • Rule 'Allow-MLD'
    • Rule 'Allow-ICMPv6-Input'
    • Rule 'Allow-ICMPv6-Forward'
    • Rule #7
    • Rule #8
    • Forward 'lan' -> 'wan'
  • Populating IPv6 nat table
    • Zone 'lan'

Warning: fw3_ipt_rule_append(): Can't find target 'prerouting_lan_rule'
Warning: fw3_ipt_rule_append(): Can't find target 'postrouting_lan_rule'

  • Zone 'wan'

Warning: fw3_ipt_rule_append(): Can't find target 'prerouting_wan_rule'
Warning: fw3_ipt_rule_append(): Can't find target 'postrouting_wan_rule'
Warning: fw3_ipt_rule_append(): Can't find target 'delegate_prerouting'
Warning: fw3_ipt_rule_append(): Can't find target 'delegate_postrouting'
Warning: fw3_ipt_rule_append(): Can't find target 'prerouting_rule'
Warning: fw3_ipt_rule_append(): Can't find target 'postrouting_rule'

  • Populating IPv6 mangle table
    • Zone 'lan'
    • Zone 'wan'
  • Populating IPv6 raw table
    • Zone 'lan'
    • Zone 'wan'
  • Set tcp_ecn to off
  • Set tcp_syncookies to on
  • Set tcp_window_scaling to on
  • Running script '/etc/firewall.user'
  • Running script '/usr/share/miniupnpd/firewall.include'

Attachments (0)

Change History (4)

comment:1 follow-up: Changed 2 years ago by anonymous

Since March 2015 netfilter maximum table name length is 32 bytes.

Check if you're using UTF-8 as character set for the configuration file or for netfilter table names or if you're using non-ascii characters.

If so... each character takes 2 bytes and you're probably overflowing the max length of the table name.

comment:2 Changed 2 years ago by anonymous

btw, i think a similar length limit exists for target names themselves too.

comment:3 in reply to: ↑ 1 Changed 2 years ago by anonymous

I didn't add any custom table name. All table are created by openwrt default settings. The ipv4 tables are corrected.The ipv6 mangle/raw tables are corrected. Only ipv6 nat table wrong.

Replying to anonymous:

Since March 2015 netfilter maximum table name length is 32 bytes.

Check if you're using UTF-8 as character set for the configuration file or for netfilter table names or if you're using non-ascii characters.

If so... each character takes 2 bytes and you're probably overflowing the max length of the table name.

comment:4 Changed 2 years ago by anonymous

This happens when wan6 interface does not exist

Add Comment

Modify Ticket

Action
as new .
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.