diff options
Diffstat (limited to 'extensions/libipt_icmp.t')
-rw-r--r-- | extensions/libipt_icmp.t | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/extensions/libipt_icmp.t b/extensions/libipt_icmp.t index f4ba65c2..4ea93621 100644 --- a/extensions/libipt_icmp.t +++ b/extensions/libipt_icmp.t @@ -1,11 +1,8 @@ :INPUT,FORWARD,OUTPUT -p icmp -m icmp --icmp-type any;=;OK -# output uses the number, better use the name? -# ERROR: cannot find: iptables -I INPUT -p icmp -m icmp --icmp-type echo-reply -# -p icmp -m icmp --icmp-type echo-reply;=;OK -# output uses the number, better use the name? -# ERROR: annot find: iptables -I INPUT -p icmp -m icmp --icmp-type destination-unreachable -# -p icmp -m icmp --icmp-type destination-unreachable;=;OK +# XXX: output uses the number, better use the name? +-p icmp -m icmp --icmp-type echo-reply;-p icmp -m icmp --icmp-type 0;OK +-p icmp -m icmp --icmp-type destination-unreachable;-p icmp -m icmp --icmp-type 3;OK # it does not acccept name/name, should we accept this? # ERROR: cannot load: iptables -A INPUT -p icmp -m icmp --icmp-type destination-unreachable/network-unreachable # -p icmp -m icmp --icmp-type destination-unreachable/network-unreachable;=;OK @@ -13,3 +10,5 @@ # we accept "iptables -I INPUT -p tcp -m tcp", why not this below? # ERROR: cannot load: iptables -A INPUT -p icmp -m icmp # -p icmp -m icmp;=;OK +-p icmp -m icmp --icmp-type 255/255;=;OK +-p icmp -m icmp --icmp-type 255/0:255;-p icmp -m icmp --icmp-type any;OK |