[Bug 904] Matching ah without optional argument gives unintuitive result
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Fri Feb 14 11:36:32 CET 2014
https://bugzilla.netfilter.org/show_bug.cgi?id=904
Pablo Neira Ayuso <pablo at netfilter.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
CC| |pablo at netfilter.org
Resolution| |WONTFIX
--- Comment #2 from Pablo Neira Ayuso <pablo at netfilter.org> 2014-02-14 11:36:31 CET ---
(In reply to comment #1)
> If you wish to block all ah traffic, you should not be using the ah match.
> Instead, use:
>
> iptables -A INPUT -p ah -j DROP
Right.
And regarding Sebastian's request, we cannot change that behaviour (even if I
agree it's ugly) because there may be people already relying on it (a change
may break backward compatibility).
--
Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
More information about the netfilter-buglog
mailing list