Re: Firewalld ICMP types
On Fri, Aug 28, 2020 at 10:56:30PM -0000, Scott A. Wozny wrote:
Where does firewalld map it's ICMP types located in
/usr/lib/firewalld/icmptypes to actual ICMP types like these:
https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml.
For example, I don't see anything in echo-request.xml indicating it's
ICMP type 8, so how does the firewall know when filtering ICMP
packets?
For the iptables backend the icmptype name is passed verbatim to
iptables. firewalld's icmptype names are actually derived from iptables.
For nftables they're translated [1] into nftables's names and/or
type/code.
[1]:
https://github.com/firewalld/firewalld/blob/956db5ecc15be55d49611e05c23c1...