bugzilla-daemon@netfilter.org
2003-Jun-11 17:32 UTC
[Bug 98] state ESTABLISHED allow ipip tunnels
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=98 ------- Additional Comments From elacour@easter-eggs.com 2003-06-11 19:32 ------- I forget: If I insert a drop on protocol 4 before "ESTABLISHED" rules, ip in ip is really denied. ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
bugzilla-daemon@netfilter.org
2003-Jun-19 12:00 UTC
[Bug 98] state ESTABLISHED allow ipip tunnels
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=98
laforge@netfilter.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ASSIGNED
------- Additional Comments From laforge@netfilter.org 2003-06-19 14:00 -------
This is definitely not the desired behaviour. Any unknown protocols are treaded
with the GENERIC_TIMEOUT, and the first packet has to be of state NEW.
I'll try if I can reproduce this.
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.