Arch Linux

Description:
ip6tables mask with recent module sets /16 mask regardless of defined one

Additional info:
* iptables 1.6.0-1

Steps to reproduce:

Set up ip6tables rules
ip6tables -A INPUT -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 7200 --hitcount 3 --rttl --name ssh --mask :: --rsource -j DROP
ip6tables -A INPUT -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -m recent --set --name ssh --mask :: --rsource -j ACCEPT

or

ip6tables -A INPUT -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 7200 --hitcount 3 --rttl --name ssh --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --rsource -j DROP
ip6tables -A INPUT -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -m recent --set --name ssh --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --rsource -j ACCEPT

or

ip6tables -A INPUT -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 7200 --hitcount 3 --rttl --name ssh --mask ffff:ffff:ffff:ffff:: --rsource -j DROP
ip6tables -A INPUT -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -m recent --set --name ssh --mask ffff:ffff:ffff:ffff:: --rsource -j ACCEPT

connect to host and /proc/net/xt_recent/ssh will have line like:
src=2001:2003:0000:0000:0000:0000:0000:0000 ttl: 51 last_seen: 4295463426 oldest_pkt: 1 4295463426

I tried same ip6tables rules with opensuse leap 42.2 witch have iptables-1.4.21-5.4.x86_64 package installed and on that machine src on /proc/net/xt_recent/ssh has properly masked src.