diff options
author | Phil Sutter <phil@nwl.cc> | 2022-12-15 13:20:21 +0100 |
---|---|---|
committer | Phil Sutter <phil@nwl.cc> | 2022-12-20 21:49:38 +0100 |
commit | d96d0791901c10d4edf599b3da069ca3d9acfcc5 (patch) | |
tree | ed43fb29145d6a025e414aae6c61dceaacc51540 /iptables/tests | |
parent | e1eaa04e31e44eab729e4a39a9967c6f1e24d499 (diff) |
nft: Parse icmp header matches
These were previously ignored.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Diffstat (limited to 'iptables/tests')
-rw-r--r-- | iptables/tests/shell/testcases/nft-only/0010-iptables-nft-save.txt | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/iptables/tests/shell/testcases/nft-only/0010-iptables-nft-save.txt b/iptables/tests/shell/testcases/nft-only/0010-iptables-nft-save.txt index 73d7108c..5ee4c231 100644 --- a/iptables/tests/shell/testcases/nft-only/0010-iptables-nft-save.txt +++ b/iptables/tests/shell/testcases/nft-only/0010-iptables-nft-save.txt @@ -13,9 +13,9 @@ -A INPUT -d 0.0.0.0/2 -m ttl --ttl-gt 2 -j ACCEPT -A INPUT -d 0.0.0.0/3 -m ttl --ttl-lt 254 -j ACCEPT -A INPUT -d 0.0.0.0/4 -m ttl ! --ttl-eq 255 -j DROP --A INPUT -d 8.0.0.0/5 -p icmp -j ACCEPT --A INPUT -d 8.0.0.0/6 -p icmp -j ACCEPT --A INPUT -d 10.0.0.0/7 -p icmp -j ACCEPT +-A INPUT -d 8.0.0.0/5 -p icmp -m icmp --icmp-type 1 -j ACCEPT +-A INPUT -d 8.0.0.0/6 -p icmp -m icmp --icmp-type 2/3 -j ACCEPT +-A INPUT -d 10.0.0.0/7 -p icmp -m icmp --icmp-type 8 -j ACCEPT -A INPUT -m pkttype --pkt-type broadcast -j ACCEPT -A INPUT -m pkttype ! --pkt-type unicast -j DROP -A INPUT -p tcp |