Hello, A quick bug report: (sorry for crossposting to devel and user list, but i am interested if anyone else can reproduce) iptables -A INPUT -p icmp --icmp-type 255 -i lo -j REJECT this rule also denies icmp ping and i think anything else of icmp. Works for me at least on 2.4.22-pre6 and patch-o-matic-20030714 havent tried w/ newer versions. Does not work on base 2.4.20 and iptables 1.2.7a proof: -- z@xxx:/[1032]# iptables -A INPUT -p icmp --icmp-type 255 -i lo -j REJECT z@xxx:/[1033]# ping localhost -c 5 PING localhost (127.0.0.1): 56 octets data --- localhost ping statistics --- 5 packets transmitted, 0 packets received, 100% packet loss z@xxx:/[1034]# iptables -D INPUT -p icmp --icmp-type 255 -i lo -j REJECT z@xxx:/[1035]# ping localhost -c 5 PING localhost (127.0.0.1): 56 octets data 64 octets from 127.0.0.1: icmp_seq=0 ttl=128 time=0.3 ms 64 octets from 127.0.0.1: icmp_seq=1 ttl=128 time=0.3 ms ^C P.Krumins netfilter-devel@xxxxxxxxxxxxxxxxxxx
