[email protected] wrote: > [email protected] wrote: > > [email protected] wrote: > >> [email protected] wrote: > >>> Is it possible to create rules that apply to specific codes of ICMP > >> types? > >>> The AllowICMPs macro seems to have this type of precision for ICMP > >> type 3 code 4. > >>> How can I write a rule that has this kind of precision for > arbitrary > >> ICMP types/codes? > >> > >> The same way as the macro does. > >> > > > > The macro appears to use keywords: 'fragmentation-needed' and 'time- > exceeded' > > > > Where can I find where these are defined? Or, is there a list > acceptable keywords? > > > > I grepped /etc/shorewall and /usr/share/shorewall but nothing came > up. > > From /usr/share/shorewall/Shorewall/IPAddrs.pm, here is the list of > keywords and their corresponding codes: >
Thanks a lot for this! Can these keywords be used directly in /etc/shorewall/rules? How about the values they represent, like this: ACCEPT fw net icmp 12/1 Brent Gardner ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
