IPv6 enabled by default causes indifferent error message (no hint to missing IPv6 support)

crowdsecurity / cs-firewall-bouncer

Crowdsec bouncer written in golang for firewalls

MIT License

116 stars 43 forks source link

IPv6 enabled by default causes indifferent error message (no hint to missing IPv6 support) #343

Open olk opened 11 months ago

olk commented 11 months ago

Hi, I'm using crowdsec-firewall-bouncer-nftables. I get errors in the log like:

time="25-11-2023 22:16:19" level=info msg="backend type : nftables"
time="25-11-2023 22:16:19" level=fatal msg="conn.Receive: netlink receive: operation not supported"

What are the required kernel options for crowdsec-firewall-bouncer-nftables?

olk commented 11 months ago

I found out, that IPv6 is enabled per default in the crowdsec-firewall-bouncer.yaml. But I've completely disabled IPv6 in my kernel. I suggest you test for IPv6 and write out a specific warning/error message ...