Alef-Burzmali
commented
1 year ago I need to find a way to integrate that cleanly, as it would be 2 fields used only by ICMP. Would the code/subtype be necessary or only the type?
Open anubisg1 opened 1 year ago
Alef-Burzmali
commented
1 year ago I need to find a way to integrate that cleanly, as it would be 2 fields used only by ICMP. Would the code/subtype be necessary or only the type?
anubisg1
commented
1 year ago Personally I have never seen a subtype being used in firewall rules, on the other other simple types are everywhere.
anubisg1
commented
1 year ago also attention should be placed for icmpv4 and icmpv6 as they do differ
Alef-Burzmali
commented
1 year ago Still thinking about how best to implement that, I have not found a satisfying way in the Forms to have a special case for two protocols (ICMP / ICMPv6) that would change how the rest of the form is displayed/interpreted.
For the moment, I'd recommend using the destination port field to store the type.
when configuring a flow i can select protocol icmp but none of the codes.
ICMP doesn't really uses port numbers but rather type/codes.