Bug 90431 - Firewall scripts do not conform to RFCs
Summary: Firewall scripts do not conform to RFCs
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: rp-pppoe
Version: 9
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Than Ngo
QA Contact: Jay Turner
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2003-05-08 03:18 UTC by Andreas Thienemann
Modified: 2015-01-08 00:05 UTC (History)
2 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2003-06-18 14:59:19 UTC
Embargoed:


Attachments (Terms of Use)

Description Andreas Thienemann 2003-05-08 03:18:01 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20021003

Description of problem:
The firwall scripts firewall-masq and firewall-standalone, located in /etc/ppp
as soon as the rp-pppoe package is installed, do not conform to current internet
standards as defined by the RFCs.

The firewall scripts do block ICMP echo requests.

STD 0003 Requirements for Internet Hosts. R. Braden, Ed.. October 1989. (Also
RFC1122, RFC1123) does define:


3.2.2.6  Echo Request/Reply: RFC-792
Every host MUST implement an ICMP Echo server function that receives Echo
Requests and sends corresponding Echo Replies.
A host SHOULD also implement an application-layer interface for sending an Echo
Request and receiving an Echo Reply, for diagnostic purposes.



Version-Release number of selected component (if applicable):
3.5-2

How reproducible:
Always

Steps to Reproduce:
1. activate the firewall
2. ping the host


Actual Results:  No ICMP ECHO REPLY, nor any ICMP Error Message

Expected Results:  Reception of an ICMP ECHO REPLY

Additional info:

Comment 1 Than Ngo 2003-06-18 14:59:19 UTC
firewall-masq and firewall-standalone will be obsolete in next release.



Note You need to log in before you can comment on or make changes to this bug.