Bug 104777
Summary: | Broken iptables syntax to allow all ICMP | ||
---|---|---|---|
Product: | [Retired] Red Hat Raw Hide | Reporter: | Dax Kelson <dkelson> |
Component: | redhat-config-securitylevel | Assignee: | Brent Fox <bfox> |
Status: | CLOSED RAWHIDE | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 1.0 | CC: | mitr, notting |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2003-10-16 20:12:00 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Dax Kelson
2003-09-21 05:41:46 UTC
'-p icmp --icmp-type any' is perfectl valid syntax for me. What version of iptables do you have installed? iptables-1.2.7a-2 I installed redhat-config-securitylevel-1.2.8-2 on RHL9. I can see someone else might do the same. I would suggest (if you still want to allow ICMP in general) going with my recommended rule as it will work with old and new versions of IP Tables: -A RH-Firewall-1-INPUT -p icmp -j ACCEPT notting: should I make redhat-config-securitylevel require iptables >= 1.2.8-12? You can, it won't hurt. notting: what I'm asking is this: will making redhat-config-securitylevel require a newer iptables solve this problem? That would prevent someone from installing the latest r-c-securitylevel on RHL 9 without upgrading iptables as well. Yes, it will solve that. Ok, should be fixed in redhat-config-securitylevel-1.2.11-1 in Rawhide. |