netfilter buglog - Sep 2006 - [Bug 520] New: iptables-save put a invalid entry in file (module ipt_icmp)

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=520

           Summary: iptables-save put a invalid entry in file (module
                    ipt_icmp)
           Product: iptables
           Version: 1.3.5
          Platform: i386
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: iptables-save
        AssignedTo: laforge@netfilter.org
        ReportedBy: vinicius@america-net.com.br
                CC: vinicius@america-net.com.br


The bug occurs when I have one icmp rule without icmp-type.
Tested from iptables 1.2.9 to 1.3.5, all these versions have the same problem.

I add the rule:
$ iptables -A INPUT -p icmp -j ACCEPT

So, I do the following command do sabe my rules:
$ iptables-save > /etc/iptables.rules

In the next reboot, my firewall script try to restore the firewall rules:
$ iptables-restore < /etc/iptables.rules

The last command returns:
Bad argument `any'
Try `iptables -h' or 'iptables --help' for more information.

It occurs because the iptables-save write this line:
-A INPUT -m icmp -p icmp any -j ACCEPT

"any" is not a valid libipt_icmp option.

The line saved would be:
-A INPUT -m icmp -p icmp --icmp-type any -j ACCEPT

Regards

Vinicius M. de Souza

-- 
Configure bugmail:
https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.