fix(firewall): parse "all" protocol from iptables chains
This commit is contained in:
Quentin McGaw
@@ -323,7 +323,7 @@ var ErrProtocolUnknown = errors.New("unknown protocol")
|
|||||||
|
|
||||||
func parseProtocol(s string) (protocol string, err error) {
|
func parseProtocol(s string) (protocol string, err error) {
|
||||||
switch s {
|
switch s {
|
||||||
case "0":
|
case "0", "all":
|
||||||
case "1":
|
case "1":
|
||||||
protocol = "icmp"
|
protocol = "icmp"
|
||||||
case "6":
|
case "6":
|
||||||
|
|||||||
@@ -58,6 +58,7 @@ num pkts bytes target prot opt in out source destinati
|
|||||||
2 0 0 ACCEPT 6 -- tun0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:55405
|
2 0 0 ACCEPT 6 -- tun0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:55405
|
||||||
3 0 0 ACCEPT 1 -- tun0 * 0.0.0.0/0 0.0.0.0/0
|
3 0 0 ACCEPT 1 -- tun0 * 0.0.0.0/0 0.0.0.0/0
|
||||||
4 0 0 DROP 0 -- tun0 * 1.2.3.4 0.0.0.0/0
|
4 0 0 DROP 0 -- tun0 * 1.2.3.4 0.0.0.0/0
|
||||||
|
5 0 0 ACCEPT all -- tun0 * 1.2.3.4 0.0.0.0/0
|
||||||
`,
|
`,
|
||||||
table: chain{
|
table: chain{
|
||||||
name: "INPUT",
|
name: "INPUT",
|
||||||
@@ -111,6 +112,17 @@ num pkts bytes target prot opt in out source destinati
|
|||||||
source: netip.MustParsePrefix("1.2.3.4/32"),
|
source: netip.MustParsePrefix("1.2.3.4/32"),
|
||||||
destination: netip.MustParsePrefix("0.0.0.0/0"),
|
destination: netip.MustParsePrefix("0.0.0.0/0"),
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
lineNumber: 5,
|
||||||
|
packets: 0,
|
||||||
|
bytes: 0,
|
||||||
|
target: "ACCEPT",
|
||||||
|
protocol: "",
|
||||||
|
inputInterface: "tun0",
|
||||||
|
outputInterface: "*",
|
||||||
|
source: netip.MustParsePrefix("1.2.3.4/32"),
|
||||||
|
destination: netip.MustParsePrefix("0.0.0.0/0"),
|
||||||
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
|||||||
Reference in New Issue
Block a user