[Git][archlinux/packaging/packages/nftables][main] match icmp and icmpv6 in one rule

Thu, 29 Jan 2026 00:00:02 -0800 


Christian Hesse pushed to branch main at Arch Linux / Packaging / Packages / 
nftables


Commits:
4ca725ed by Christian Hesse at 2026-01-29T08:58:41+01:00
match icmp and icmpv6 in one rule

- - - - -


3 changed files:

- .SRCINFO
- PKGBUILD
- nftables.conf


Changes:

=====================================
.SRCINFO
=====================================
@@ -28,7 +28,7 @@ pkgbase = nftables
        source = nftables.service
        validpgpkeys = 8C5F7146A1757A65E2422A94D70D1A666ACF2B21
        sha256sums = 
2874c264df80d770d95e2a93f15cddf65ee642fad8977777c12e745bf3eb8d61
-       sha256sums = 
f83d6f2f99f306866850c60ff0e343bbd9bc0c989d333ebe288563f7be4afe20
+       sha256sums = 
fa2f984794025339cf2d26d329f9b0bf83a39b9fa310d06b4cc40a0c1b0c8f46
        sha256sums = 
deffeef36fe658867dd9203ec13dec85047a6d224ea63334dcf60db97e1809ea
 
 pkgname = nftables


=====================================
PKGBUILD
=====================================
@@ -20,7 +20,7 @@ 
source=("git+https://git.netfilter.org/nftables.git#tag=v${pkgver}?signed";
         'nftables.service')
 install=nftables.install
 sha256sums=('2874c264df80d770d95e2a93f15cddf65ee642fad8977777c12e745bf3eb8d61'
-            'f83d6f2f99f306866850c60ff0e343bbd9bc0c989d333ebe288563f7be4afe20'
+            'fa2f984794025339cf2d26d329f9b0bf83a39b9fa310d06b4cc40a0c1b0c8f46'
             'deffeef36fe658867dd9203ec13dec85047a6d224ea63334dcf60db97e1809ea')
 
 prepare() {


=====================================
nftables.conf
=====================================
@@ -13,8 +13,7 @@ table inet filter {
     ct state invalid drop comment "early drop of invalid connections"
     ct state {established, related} accept comment "allow tracked connections"
     iif lo accept comment "allow from loopback"
-    ip protocol icmp accept comment "allow icmp"
-    meta l4proto ipv6-icmp accept comment "allow icmp v6"
+    meta l4proto { icmp, icmpv6 } accept comment "allow icmp"
     tcp dport ssh accept comment "allow sshd"
     pkttype host limit rate 5/second counter reject with icmpx type 
admin-prohibited
     counter



View it on GitLab: 
https://gitlab.archlinux.org/archlinux/packaging/packages/nftables/-/commit/4ca725ed5d82d2aee5089abce3d093359d90f7e1

-- 
View it on GitLab: 
https://gitlab.archlinux.org/archlinux/packaging/packages/nftables/-/commit/4ca725ed5d82d2aee5089abce3d093359d90f7e1
You're receiving this email because of your account on gitlab.archlinux.org.

Reply via email to