Duble colon at start or end of IPV6

This forum is only for reproducible bugs with csf and lfd (i.e. not iptables problems, lack of understanding how to use a feature, etc). Posts must be accompanied with full technical details of the problem and how it can be recreated. Any posts not adhering to this, or not considered bugs, will be moved to the General Discussion (csf) forum.
Post Reply
MihanIT
Junior Member
Posts: 3
Joined: 26 May 2016, 12:31

Duble colon at start or end of IPV6

Post by MihanIT »

Hello,

There is a problem in removing IPV6 with double colon at the start or end of IPV6 from csf.deny or csf.allow

Line 1339 and 1424 of csf.pl, it seems \b is not compatible with some IPV6 in the perl regular expression.

Regards




#### Tested on CentOS 7 - Perl v5.16.3

[root@server2:~] $ csf -c
csf is already at the latest version: v8.26

[root@server2:~] $ csf -d 2001:41d0:1000:f6a1::
Adding 2001:41d0:1000:f6a1:: to csf.deny and iptables DROP...
csf: IPSET adding [2001:41d0:1000:f6a1::] to set [chain_6_DENY]

[root@server2:~] $ csf -dr 2001:41d0:1000:f6a1::
csf: 2001:41d0:1000:f6a1:: not found in csf.deny

[root@server2:~] $ csf -a 2001:41d0:1000:f6a2::
Adding 2001:41d0:1000:f6a2:: to csf.allow and iptables ACCEPT...
csf: IPSET adding [2001:41d0:1000:f6a2::] to set [chain_6_ALLOW]

[root@server2:~] $ csf -ar 2001:41d0:1000:f6a2::
csf: 2001:41d0:1000:f6a2:: not found in csf.allow

[root@server2:~] $ csf -d ::ffff
Adding ::ffff to csf.deny and iptables DROP...
csf: IPSET adding [::ffff] to set [chain_6_DENY]

[root@server2:~] $ csf -dr ::ffff
csf: ::ffff not found in csf.deny
ForumAdmin
Moderator
Posts: 1523
Joined: 01 Oct 2008, 09:24

Re: Duble colon at start or end of IPV6

Post by ForumAdmin »

Thank you for reporting this. We will look into a fix in the next release.
Post Reply