diff options
| author | Florian Westphal <fw@strlen.de> | 2018-04-18 00:09:06 +0200 |
|---|---|---|
| committer | Florian Westphal <fw@strlen.de> | 2018-04-19 10:18:22 +0200 |
| commit | b6f0bec11e2cc7c3f99d432a5e1204a855f361dd (patch) | |
| tree | 50c34dd8ee1c1da3e5401555739e4657a1c36e62 /extensions/libebt_ip.txlate | |
| parent | f38ed1e59f8d3b62e322563401cabc6dbac5fca5 (diff) | |
libebt_ip: add icmp support
Was added to ebtables recently, so backport this to ebt-compat.
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'extensions/libebt_ip.txlate')
| -rw-r--r-- | extensions/libebt_ip.txlate | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/extensions/libebt_ip.txlate b/extensions/libebt_ip.txlate index 4d31a700..11594cdc 100644 --- a/extensions/libebt_ip.txlate +++ b/extensions/libebt_ip.txlate @@ -15,3 +15,12 @@ nft add rule bridge filter FORWARD udp sport 1024-65535 counter ebtables-translate -A FORWARD --ip-proto 253 nft add rule bridge filter FORWARD ip protocol 253 counter + +ebtables-translate -A FORWARD --ip-icmp-type "echo-request" +nft add rule bridge filter FORWARD ip icmp type 8 counter + +ebtables-translate -A FORWARD --ip-icmp-type 1/1 +nft add rule bridge filter FORWARD ip icmp type 1 ip icmp code 1 counter + +ebtables-translate -A FORWARD --ip-icmp-type ! 1:10 +nft add rule bridge filter FORWARD ip icmp type != 1-10 counter |