summaryrefslogtreecommitdiffstats
path: root/extensions/libipt_icmp.txlate
diff options
context:
space:
mode:
Diffstat (limited to 'extensions/libipt_icmp.txlate')
-rw-r--r--extensions/libipt_icmp.txlate8
1 files changed, 8 insertions, 0 deletions
diff --git a/extensions/libipt_icmp.txlate b/extensions/libipt_icmp.txlate
new file mode 100644
index 00000000..434f8cc4
--- /dev/null
+++ b/extensions/libipt_icmp.txlate
@@ -0,0 +1,8 @@
+iptables-translate -t filter -A INPUT -m icmp --icmp-type echo-reply -j ACCEPT
+nft add rule ip filter INPUT icmp type echo-reply counter accept
+
+iptables-translate -t filter -A INPUT -m icmp --icmp-type 3 -j ACCEPT
+nft add rule ip filter INPUT icmp type destination-unreachable counter accept
+
+iptables-translate -t filter -A INPUT -m icmp ! --icmp-type 3 -j ACCEPT
+nft add rule ip filter INPUT icmp type != destination-unreachable counter accept