Proxmox/pve-firewall
5
0
Fork 0
mirror of git://git.proxmox.com/git/pve-firewall.git synced 2025-01-04 09:17:58 +03:00
Code Releases Activity
834 Commits 6 Branches 0 Tags 1.1 MiB
Perl 87.8%
C 10.6%
Makefile 1.6%
4d1ca18ee6
Go to file
Fabian Grünbichler 4d1ca18ee6 fix #4730: add safeguards to prevent ICMP type misuse 
without this additional conditions, it's possible to break the firewall by
setting an ICMP-type value as dport for non-ICMP protocols, e.g. 'any' for
'tcp'.

by rejecting the invalid rule/parameter, the rest of the ruleset is still
applied properly, and the error messages are a lot more informative as well.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2023-05-16 11:15:15 +02:00
debian d/changelog: fixup released 2023-04-26 12:24:28 +02:00
src fix #4730: add safeguards to prevent ICMP type misuse 2023-05-16 11:15:15 +02:00
test test/simulator: add very basic ICMP type functionallity 2020-05-04 14:10:55 +02:00
Makefile buildsys: change upload/repo dist to bullseye 2021-05-24 11:39:09 +02:00