netfilter buglog - Feb 2007 - [Bug 548] ip6tables accepts -p icmp

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=548





------- Additional Comments From michal@logix.cz  2007-02-25 23:31 MET -------
For the record, the command is "ip6tables ... -p icmp". Just in case
someone
changes the Summary.

-- 
Configure bugmail:
https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=548





------- Additional Comments From kaber@trash.net  2007-03-16 06:54 MET -------
I don't really consider this a bug. -p accepts any protocol number or
protocol
from /etc/protocols, which contains icmp. You could just as well use "-p
123",
which AFAIK doesn't even exist.

Its just a numerical comparison in the kernel, the fact that ICMP over IPv6 does
not exist doesn't hinder anyone from sending an IPv6 packet with nexthdr =
ICMP.

-- 
Configure bugmail:
https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=548





------- Additional Comments From kaber@trash.net  2007-03-16 06:54 MET -------
I don't really consider this a bug. -p accepts any protocol number or
protocol
from /etc/protocols, which contains icmp. You could just as well use "-p
123",
which AFAIK doesn't even exist.

Its just a numerical comparison in the kernel, the fact that ICMP over IPv6 does
not exist doesn't hinder anyone from sending an IPv6 packet with nexthdr =
ICMP.

-- 
Configure bugmail:
https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You reported the bug, or are watching the reporter.