[Bug 745] New: [addrtype]addrtype can't match src-type BROADCAST packets
bugzilla-daemon at bugzilla.netfilter.org
bugzilla-daemon at bugzilla.netfilter.org
Mon Sep 5 04:49:51 CEST 2011
http://bugzilla.netfilter.org/show_bug.cgi?id=745
Summary: [addrtype]addrtype can't match src-type BROADCAST
packets
Product: netfilter/iptables
Version: linux-2.6.x
Platform: mips64
OS/Version: Debian GNU/Linux
Status: NEW
Severity: major
Priority: P5
Component: ip_tables (kernel)
AssignedTo: netfilter-buglog at lists.netfilter.org
ReportedBy: wensy1009 at sina.com
Estimated Hours: 0.0
why netfilter can't match addrtype src-type is BROADCAST packets,but can filter
match addrtype dst-type BROADCAST packets?
when I send packet source ip 1.1.1.1 dest ip 3.3.3.255 it can filter the
pkts,but
when I send packet source ip 1.1.1.255 dest ip 3.3.3.2 it can't drop packets.
my ip is 1.1.1.1/24.
Need ur help!!!Thanks a lot~!
iptables -L -v -n
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target port opt in out source destination
3698 170K smurf icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp
type 8
3698 170K icmp_flood icmp -- * * 0.0.0.0/0 0.0.0.0/0
Chain icmp_flood(1 references)
pkts bytes target port opt in out source destination
1858 85468 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 limit:
avg 10/sec burst 10
1840 84640 DROP icmp -- * * 0.0.0.0/0 0.0.0.0/0
Chain smurf (1 references)
pkts bytes target port opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE
match src-type BROADCAST
131 6026 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE
match dst-type BROADCAST
--
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are watching all bug changes.
More information about the netfilter-buglog
mailing list