[Bug 1073] New: inet-service vs icmp conflict
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Tue Jun 7 14:05:27 CEST 2016
https://bugzilla.netfilter.org/show_bug.cgi?id=1073
Bug ID: 1073
Summary: inet-service vs icmp conflict
Product: nftables
Version: unspecified
Hardware: x86_64
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
Reporter: frederik.schwan at linux.com
netfilter v0.6
what does not work:
table inet filter {
chain input {
icmp type echo-request limit rate 10/second accept
icmpv6 type echo-request limit rate 10/second accept
}
}
gives a "Error: conflicting protocols specified: inet-service vs. icmp"
fix:
table inet filter {
chain input {
meta nfproto ipv4 icmp type echo-request limit rate 10/second accept
meta nfproto ipv6 icmpv6 type echo-request limit rate 10/second accept
}
}
Is this behavior intentional?
Related conversations:
http://www.spinics.net/lists/netfilter/msg55433.html
http://comments.gmane.org/gmane.comp.security.firewalls.netfilter.devel/53202
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20160607/cbcee584/attachment.html>
More information about the netfilter-buglog
mailing list