Package: firewalld Version: 1.3.0-1 Severity: important Tags: upstream ipv6
Hello, I have found a bug. I upgraded a couple days ago my Raspberrypi to Debian Bookworm and with the newer Debian a new Firewalld was installed. Since then Packages arent forwarded anymore by default. For that to work, you have to create policies in order to make this work. But when you have ipv4 and ipv6 Addresses in one Zone, the nftables backend tries to mix ipv4 addresses with ipv6 addresses in the same rule which gets denied. In the upstream Package this bug is confirmed and fixed in release 1.3.3. The original Bug Report is here: https://github.com/firewalld/firewalld/issues/1146 In order to fix this on debian it is needed to upgrade the firewalld package itself but more important the python3-nftables package to make this work. I have successfully fixed it locally by installeing a pyenv environment and installed the newest pyton packages and also the newest firewalld version. It would be great, if this can be addresses since this is in my opinion a major issue that should be resolved. Cheers Konstantin Nebel -- System Information: Debian Release: 12.0 APT prefers stable-security APT policy: (500, 'stable-security'), (500, 'stable') Architecture: arm64 (aarch64) Kernel: Linux 6.1.0-9-arm64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_CRAP Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages firewalld depends on: ii dbus 1.14.6-1 ii gir1.2-glib-2.0 1.74.0-3 pn gir1.2-nm-1.0 <none> ii policykit-1 122-3 ii polkitd 122-3 ii python3 3.11.2-1+b1 pn python3-dbus <none> pn python3-firewall <none> pn python3-gi <none> pn python3-nftables <none> Versions of packages firewalld recommends: pn ipset <none> ii iptables 1.8.9-2 pn python3-cap-ng <none> firewalld suggests no packages.
