Bug#612582: netstat: misleading info on dual stack hosts for sockets without IPV6_V6ONLY
Alexandre Rossi
alexandre.rossi at gmail.com
Wed Feb 9 10:37:52 UTC 2011
Package: net-tools
Version: 1.60-23
Severity: normal
Tags: upstream ipv6
Hi,
The information reported by netstat can be misleading on a dual-stacked host
(ipv4 and ipv6) whith a socket not using IPV6_V6ONLY.
For instance, my box is running apache which is happily handling ipv4 traffic,
but :
$ netstat -nl4 | grep ':80'
$ netstat -nl | grep ':80'
tcp6 0 0 :::80 :::* LISTEN
$
This is a problem because one may rely on this output to restrict services to
a particular protocol.
Proposed fixes :
- netstat -nl4 should list ipv6 sockets not using IPV6_V6ONLY.
- ipv6 sockets not using IPV6_V6ONLY should be differenciated in the output of
netstat.
I'll be glad to provide more info, try to implement a fix if my solutions are
acceptable, and to test a fixed version.
Alex
-- System Information:
Debian Release: 6.0
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages net-tools depends on:
ii libc6 2.11.2-10 Embedded GNU C Library: Shared lib
net-tools recommends no packages.
net-tools suggests no packages.
-- no debconf information
More information about the Pkg-net-tools-maintainers
mailing list