[Bug 548] ip6tables accepts -p icmp

bugzilla-daemon at bugzilla.netfilter.org bugzilla-daemon at bugzilla.netfilter.org
Fri Mar 16 06:54:15 CET 2007


https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=548





------- Additional Comments From kaber at trash.net  2007-03-16 06:54 MET -------
I don't really consider this a bug. -p accepts any protocol number or protocol
from /etc/protocols, which contains icmp. You could just as well use "-p 123",
which AFAIK doesn't even exist.

Its just a numerical comparison in the kernel, the fact that ICMP over IPv6 does
not exist doesn't hinder anyone from sending an IPv6 packet with nexthdr = ICMP.

-- 
Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You reported the bug, or are watching the reporter.



More information about the netfilter-buglog mailing list