[pve-devel] [PATCH proxmox-firewall/ve-rs v2 0/3] Fix ICMP types in nftables
Thomas Lamprecht
t.lamprecht at proxmox.com
Mon Nov 17 16:22:23 CET 2025
On Mon, 06 Oct 2025 12:19:28 +0200, Gabriel Goller wrote:
> Currently when setting ICMP types on the old firewall (iptables) then
> switching to the new one (nftables) a few types will fail because they have
> been renamed in nftables or do not exist in nftables. This affects both icmp
> and icmpv6 where we now map options that do not exist in nftables to their
> respective type/code combinations. This allows us to have exactly the same
> behavior in nftables as we have in iptables.
>
> [...]
Applied, with the author reset to you for proxmox-ve-rs patch 1/2, thanks!
[1/1] tests: add icmpv6 type mapping test
commit 6a7063c44c6fc39ecdd725abc60e732bfcecdc04
[1/2] fix: firewall: introduce iptables to nftables mapping for icmp-types
commit: cfd2a9d4bd50bbfd47c7ca51d7ed4e50681eeb9f
[2/2] fix: firewall: introduce iptables to nftables mapping for icmpv6-types
commit: 884930e9355124103861632a3463e9f7eeb2a069
More information about the pve-devel
mailing list