Allowing specific IP protocols by name or number

Post Reply
Root
Junior Member
Posts: 8
Joined: 07 Jan 2007, 10:04
Location: Houston, Texas, U.S.A.
Contact:
Contact Root

Allowing specific IP protocols by name or number

Post by Root »

Hello,

Please add the ability to define specific protocols to be accepted, such as Generic Route Encapsulation or gre (47) for VPN tunnels.

The following are examples of the iptables rules required in the aforementioned configurations:

Code: Select all

-A INPUT -p gre -j ACCEPT
-A OUTPUT -p gre -j ACCEPT

or

-A INPUT -p 47 -j ACCEPT
-A OUTPUT -p 47 -j ACCEPT
Preferably, each entry would be at the beginning of the "ACCEPT" section its respective chain (i.e., INPUT or OUTPUT).

I appreciate your consideration of this feature request. Thank you! :)
Top
chirpy
Moderator
Posts: 3537
Joined: 09 Dec 2006, 18:13

Post by chirpy »

You can already do that using the csfpre.sh and csfpost.sh functionality.
Top
Post Reply

Return to “Suggestions (csf)”