Re: [pve-devel] [PATCH proxmox-ve-rs 1/3] firewall macros: fix macros using icmp protocol

Thomas Lamprecht Mon, 07 Apr 2025 04:52:03 -0700

On Tue, 04 Feb 2025 10:57:31 +0100, Stefan Hanreich wrote:
> Macros containing rules for the ICMP protocol used dport instead of
> icmp-type for specifying the type of ICMP messages. This is how
> pve-firewall used to specify them, but the nftables firewall uses a
> separate key for this in the macros. This caused all ICMP types to be
> allowed instead of restricting them to the types specified in the
> macro.
> 
> [...]


Applied, thanks!

[1/3] firewall macros: fix macros using icmp protocol
      commit: 2a32eee42fa3fa90616666477cdbf3da5cbfae8f
[2/3] fix #6108: firewall macros: Add missing ICMPv6 statements
      commit: 8f2f3c62954d4052cd08a56993cf006773e760af
[3/3] tests: add Ping macro to tests
      commit: 75d2c9793c49a5e030d68237a1734d6c922e80cf


_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

Re: [pve-devel] [PATCH proxmox-ve-rs 1/3] firewall macros: fix macros using icmp protocol

Reply via email to