Package: iptables Version: 1.8.1-2 Severity: grave Tags: security Reproduce with:
# ip6tables -A INPUT ! -s ::1 # ip6tables-save | ip6tables-restore Bad argument `!-s' Error occurred at line: 6 Try `ip6tables-restore -h' or 'ip6tables-restore --help' for more information. # ip6tables-save # Generated by xtables-save v1.8.1 on Wed Nov 14 16:42:42 2018 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT !-s ::1/128 COMMIT # Completed on Wed Nov 14 16:42:42 2018 It should export "! -s", i.e. one space after "!", and one space less before "!" Systems trying to load previously saved rules on boot will not be able to load those rules, and may be either unreachable (if they set a strict policy before) or completely open. -- Stefan Bühler Mail/xmpp: stefan.bueh...@tik.uni-stuttgart.de Netze und Kommunikationssysteme der Universität Stuttgart (NKS) https://www.tik.uni-stuttgart.de/ Telefon: +49 711 685 60854