File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change @@ -22,7 +22,7 @@ type chainRule struct {
2222 packets uint64
2323 bytes uint64
2424 target string // "ACCEPT", "DROP", "REJECT" or "REDIRECT"
25- protocol string // "tcp", "udp" or "" for all protocols.
25+ protocol string // "icmp", " tcp", "udp" or "" for all protocols.
2626 inputInterface string // input interface, for example "tun0" or "*""
2727 outputInterface string // output interface, for example "eth0" or "*""
2828 source netip.Prefix // source IP CIDR, for example 0.0.0.0/0. Must be valid.
@@ -324,6 +324,8 @@ var ErrProtocolUnknown = errors.New("unknown protocol")
324324func parseProtocol (s string ) (protocol string , err error ) {
325325 switch s {
326326 case "0" :
327+ case "1" :
328+ protocol = "icmp"
327329 case "6" :
328330 protocol = "tcp"
329331 case "17" :
Original file line number Diff line number Diff line change @@ -56,7 +56,8 @@ num pkts bytes target prot opt in out source destinati
5656num pkts bytes target prot opt in out source destination
57571 0 0 ACCEPT 17 -- tun0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:55405
58582 0 0 ACCEPT 6 -- tun0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:55405
59- 3 0 0 DROP 0 -- tun0 * 1.2.3.4 0.0.0.0/0
59+ 3 0 0 ACCEPT 1 -- tun0 * 0.0.0.0/0 0.0.0.0/0
60+ 4 0 0 DROP 0 -- tun0 * 1.2.3.4 0.0.0.0/0
6061` ,
6162 table : chain {
6263 name : "INPUT" ,
@@ -92,6 +93,17 @@ num pkts bytes target prot opt in out source destinati
9293 lineNumber : 3 ,
9394 packets : 0 ,
9495 bytes : 0 ,
96+ target : "ACCEPT" ,
97+ protocol : "icmp" ,
98+ inputInterface : "tun0" ,
99+ outputInterface : "*" ,
100+ source : netip .MustParsePrefix ("0.0.0.0/0" ),
101+ destination : netip .MustParsePrefix ("0.0.0.0/0" ),
102+ },
103+ {
104+ lineNumber : 4 ,
105+ packets : 0 ,
106+ bytes : 0 ,
95107 target : "DROP" ,
96108 protocol : "" ,
97109 inputInterface : "tun0" ,
You can’t perform that action at this time.
0 commit comments