diff options
author | Maciej Żenczykowski <maze@google.com> | 2023-10-23 11:10:01 -0700 |
---|---|---|
committer | Maciej Żenczykowski <maze@google.com> | 2023-10-23 11:10:41 -0700 |
commit | 6ca2997edebc1642a7c5849b1e6d9e7996941321 (patch) | |
tree | 23cc33747464a209477297192bf8ab73b10b53c9 /extensions/libipt_icmp.c | |
parent | 9122b27635055a26c8a1d336bcf7382945dc576f (diff) | |
parent | 8ae55c2a331e932c0aeef8c6c138bf60deb9fd42 (diff) | |
download | iptables-6ca2997edebc1642a7c5849b1e6d9e7996941321.tar.gz |
Merge tag 'v1.8.10' of https://git.netfilter.org/iptables
iptables 1.8.10 release
* tag 'v1.8.10' of https://git.netfilter.org/iptables:
configure: Bump version for 1.8.10 release
build: Bump dependency on libnftnl
include: linux: Update kernel.h
nft: Fix for useless meta expressions in rule
tests: shell: Fix for ineffective 0007-mid-restore-flush_0
extensions: Fix checking of conntrack --ctproto 0
Revert --compat option related commits
doc: fix example of xt_cpu
tests: Test compat mode
Add --compat option to *tables-nft and *-nft-restore commands
nft: Introduce and use bool nft_handle::compat
nft: Pass nft_handle to add_{target,action}()
Use SOCK_CLOEXEC/O_CLOEXEC where available
tests: shell: Test chain policy counter behaviour
Revert "libiptc: fix wrong maptype of base chain counters on restore"
nft: Create builtin chains with counters enabled
tests: iptables-test: Fix command segfault reports
nft-ruleparse: parse meta mark set as MARK target
nft-ruleparse: Introduce nft_create_target()
extensions: libip6t_icmp: Add names for mld-listener types
nft: move processing logic out of asserts
man: iptables-save.8: Start paragraphs in upper-case
man: iptables-save.8: Fix --modprobe description
man: iptables-save.8: Clarify 'available tables'
man: Trivial: Missing space after comma
man: iptables-restore.8: Start paragraphs in upper-case
man: iptables-restore.8: Put 'file' in italics in synopsis
man: iptables-restore.8: Drop -W option from synopsis
man: iptables-restore.8: Consistently document -w option
man: iptables-restore.8: Fix --modprobe description
man: iptables.8: Trivial font fixes
man: Use HTTPS for links to netfilter.org
man: iptables.8: Clarify --goto description
man: iptables.8: Fix intra page reference
man: iptables.8: Trivial spelling fixes
man: iptables.8: Extend exit code description
tests: libipt_icmp.t: Enable tests with numeric output
extensions: libipt_icmp: Fix confusion between 255/255 and any
iptables-apply: Eliminate shellcheck warnings
iptables-restore: Drop dead code
tests: shell: Fix and extend chain rename test
ebtables: Improve invalid chain name detection
*tables: Reject invalid chain names when renaming
*tables-restore: Enforce correct counters syntax if present
nft: Include sets in debug output
nft: Do not pass nft_rule_ctx to add_nft_among()
nft: More verbose extension comparison debugging
nft: Special casing for among match in compare_matches()
tests: shell: Sanitize nft-only/0009-needless-bitwise_0
nft-bridge: pass context structure to ops->add() to improve anonymous set support
iptables: Fix handling of non-existent chains
iptables: Fix setting of ipv6 counters
xshared: dissolve should_load_proto
nft: use payload matching for layer 4 protocol
man: string: document BM false negatives
nft: check for source and destination address in first place
nft: ruleparse: Create family-specific source files
nft: Extract rule parsing callbacks from nft_family_ops
nft: Introduce nft-ruleparse.{c,h}
xshared: Fix parsing of option arguments in same word
arptables: Don't omit standard matches if inverted
arptables: Fix parsing of inverted 'arp operation' match
nft-shared: Drop unused include
utils: nfbpf_compile: Replace pcap_compile_nopcap()
tests: shell: Test for false-positive rule check
ebtables-nft: add broute table emulation
include: update nf_tables uapi header
build: use pkg-config for libpcap
ip6tables: Fix checking existence of rule
iptables-test.py: make explicit use of python3
iptables-nft: remove unused function argument
iptables-nft: make builtin tables static
xtables-eb: fix crash when opts isn't reallocated
nft-restore: Fix for deletion of new, referenced rule
include: Add missing linux/netfilter/xt_LOG.h
xt_sctp: add the missing chunk types in sctp_help
xtables-translate: Support insert with index
ebtables: ip and ip6 matches depend on protocol match
extensions: libebt_ip: Translation has to match on ether type
extensions: libebt_ip: Do not use 'ip dscp' for translation
extensions: libebt_redirect: Fix for wrong syntax in translation
extensions: libebt_redirect: Fix target translation
tests: xlate: Print file names even if specified
tests: xlate: Properly split input in replay mode
nft-shared: Simplify using nft_create_match()
nft-shared: Use nft_create_match() in one more spot
nft-shared: Lookup matches in iptables_command_state
tests: CLUSTERIP: Drop test file
tests: xlate: Support testing multiple individual files
ebtables-translate: Print flush command after parsing is finished
ebtables-translate: Ignore '-j CONTINUE'
ebtables-translate: Use OPT_* from xshared.h
ebtables-translate: Drop exec_style
ebtables: Refuse unselected targets' options
Proper fix for "unknown argument" error message
etc: Drop xtables.conf
Generated via:
git fetch git://git.netfilter.org/iptables v1.8.10
git merge --log=999 FETCH_HEAD
Test: with follow up
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Ia4ce7e3670706ee0905228cfd147fa6499ca08bb
Diffstat (limited to 'extensions/libipt_icmp.c')
-rw-r--r-- | extensions/libipt_icmp.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/extensions/libipt_icmp.c b/extensions/libipt_icmp.c index b0318aeb..171b3b39 100644 --- a/extensions/libipt_icmp.c +++ b/extensions/libipt_icmp.c @@ -108,7 +108,8 @@ static void icmp_save(const void *ip, const struct xt_entry_match *match) printf(" !"); /* special hack for 'any' case */ - if (icmp->type == 0xFF) { + if (icmp->type == 0xFF && + icmp->code[0] == 0 && icmp->code[1] == 0xFF) { printf(" --icmp-type any"); } else { printf(" --icmp-type %u", icmp->type); |