Modify

Opened 6 years ago

Closed 6 years ago

Last modified 4 years ago

#10928 closed defect (fixed)

icmp types in fw.sh

Reported by: a.piesk@… Owned by: developers
Priority: normal Milestone: Barrier Breaker 14.07
Component: base system Version: 10.03.1
Keywords: Cc:

Description

i got errors like

firewall: ICMP type 'time-exceeded' is not valid for IPv4 address family, skipping rule
firewall: ICMP type 'parameter-problem' is not valid for IPv4 address family, skipping rule

after setting up my rule set. as far as i know these 2 types are valid icmp types even for ipv4.

after digging further i found the problem in fw.sh which i solved with this patch:

--- fw.sh.org	2011-11-26 22:00:30.375596551 +0100
+++ fw.sh	2011-11-26 22:00:11.559842047 +0100
@@ -275,10 +275,7 @@ fw_check_icmptype4() {
 		export FW_ICMP4_TYPES=$(
 			iptables -p icmp -h 2>/dev/null | \
 			sed -n -e '/^Valid ICMP Types:/ {
-				n; :r;
-				/router-advertisement/d;
-				/router-solicitation/d;
-				s/[()]/ /g; s/[[:space:]]\+/\n/g; p; n; b r
+				n; :r; s/[()]/ /g; s/[[:space:]]\+/\n/g; p; n; b r
 			}' | sort -u
 		)

the original version removes everything after "router-advertisement" from the list, which is not correct.
but i think the list should not be filtered at all because all these icmp types are valid for ipv4, even "router-advertisement" and "router-solicitation" (see http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xml)

Attachments (1)

openwrt-icmp.patch (696 bytes) - added by a.piesk@… 6 years ago.

Download all attachments as: .zip

Change History (3)

Changed 6 years ago by a.piesk@…

comment:1 Changed 6 years ago by jow

  • Resolution set to fixed
  • Status changed from new to closed

Fixed with r30363, r30364 - thanks!

comment:2 Changed 4 years ago by jow

  • Milestone changed from Attitude Adjustment 12.09 to Barrier Breaker 14.07

Milestone Attitude Adjustment 12.09 deleted

Add Comment

Modify Ticket

Action
as closed .
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.