| 2006-10-14 13:37:58 |
Oliver Lemke |
bug |
|
|
added bug |
| 2006-10-14 13:52:20 |
Oliver Lemke |
shorewall: statusexplanation |
|
Reassigned to iptables. Shorewall works fine with version 1.3.3-2ubuntu4 but not with 1.3.5.0debian1-1ubuntu1 |
|
| 2006-10-14 21:16:35 |
Rocco Stanzione |
iptables: status |
Unconfirmed |
Needs Info |
|
| 2006-10-14 21:16:35 |
Rocco Stanzione |
iptables: statusexplanation |
Reassigned to iptables. Shorewall works fine with version 1.3.3-2ubuntu4 but not with 1.3.5.0debian1-1ubuntu1 |
The new iptables does support --icmp-type, and the following rule:
sudo iptables -A INPUT -p icmp --icmp-type fragmentation-need
works fine. I haven't got a working shorewall config, so it's hard to track it down much further, but I wonder if one of you could try changing the shebang line to #!/bin/bash at the top of /sbin/shorewall, and see if you get the same results. I don't see where a "Drop" chain is ever getting created, and I'm curious to see if some non-POSIX magic is building the rule wrong, because macro.AllowICMPs is the only place in the entire source package where anything like this seems to happen, and the target there is ACCEPT. |
|
| 2006-10-18 06:34:38 |
Kai Kasurinen |
iptables: status |
Needs Info |
Confirmed |
|
| 2006-10-18 06:34:38 |
Kai Kasurinen |
iptables: statusexplanation |
The new iptables does support --icmp-type, and the following rule:
sudo iptables -A INPUT -p icmp --icmp-type fragmentation-need
works fine. I haven't got a working shorewall config, so it's hard to track it down much further, but I wonder if one of you could try changing the shebang line to #!/bin/bash at the top of /sbin/shorewall, and see if you get the same results. I don't see where a "Drop" chain is ever getting created, and I'm curious to see if some non-POSIX magic is building the rule wrong, because macro.AllowICMPs is the only place in the entire source package where anything like this seems to happen, and the target there is ACCEPT. |
|
|
| 2006-10-18 06:34:57 |
Kai Kasurinen |
title |
macro.AllowICMPs fails on startup |
Unknown arg `--icmp-type' |
|
| 2006-10-20 18:17:14 |
Rocco Stanzione |
marked as duplicate |
|
66681 |
|
| 2012-02-28 18:09:53 |
Kai Kasurinen |
removed subscriber Kai Kasurinen |
|
|
|
