On Sat, May 30, 2009 at 10:15:31AM +0100, Jason McIntyre wrote:
> On Sat, May 30, 2009 at 09:16:56AM +0100, Federico G. Schwindt wrote:
> > >
> > > return = "drop" | "return" | "return-rst" [ "( ttl" number ")" ] |
> > > "return-icmp" [ "(" icmpcode [ [ "," ] icmp6code ] ")" ] |
> > > "return-icmp6" [ "(" icmp6code ")" ]
> > >
> > > first off, return-rst makes no note in the doc that it can take "ttl <n>"
> > > as an argument. can it really do that? even if it can, the quoting still
> > > looks incorrect.
> >
> > yes, it's like that. how the quote will be in the case of:
> >
> > return-rst(ttl 20)
> >
>
> so the document is currently incorrect? we need to document this?
yes, this is not mentioned and should be added, but the syntax is
correct.
> > > second, can return-icmp really take an icmp6code as an argument? is that
> > > what the syntax is saying?
> >
> > yes, it can take a second argument.
> >
>
> yes, but can it take an argument of an icmp*6* code? i know return-icmp
> can take an icmp code, and return-icmp6 can take an icmp6 code, but
> return-icmp can take a 6 code (or vice versa)? surely that is wrong.
yes, there are 3 variants for return-icmp and 2 for return-icmp6.
return-icmp and return-icmp6 set both icmp and icmp6 in all of their
incarnations. they will apply the defaults if the argument is not
passed/needed, while only return-icmp can take both, icmp and icmp6
parameters.
f.-
