This commit fixes the issue of not being able to set some IPv6 rules after IPv4 rules with matches have been set (or the other way around). The family for the matches has to be also updated when changing between IP protocols. --- src/iptables.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/iptables.c b/src/iptables.c index 305a553f..a188f99a 100644 --- a/src/iptables.c +++ b/src/iptables.c @@ -3330,6 +3330,7 @@ static int current_type = -1; static int setup_xtables(int type) { int err; + struct xtables_match *xt_m; DBG("%d", type); @@ -3351,6 +3352,13 @@ static int setup_xtables(int type) } if (!err) { + /* + * Set the match type, otherwise loading of matches in xtables + * will fail. + */ + for (xt_m = xtables_matches; xt_m; xt_m = xt_m->next) + xt_m->family = type; + current_type = type; } else { connman_error("error initializing xtables"); -- 2.19.1