ICMP rule with ICMP type "any" fails to load
Creating a pass rule with ICMP and ICMP type any prevents the ruleset from being loaded.
The following rule is generated and fails:
pass in quick on $LAN inet proto icmp from 192.168.1.0/24 to any icmp-type any tracker 1484287460 keep state label "USER_RULE: Allow ICMP "
I think "icmp-type any" is wrong and should be left out to match all ICMP traffic.
The rule should look like it does in 2.3:
pass in quick on $LAN inet proto icmp from 192.168.1.0/24 to any tracker 1416374361 keep state label "USER_RULE: Allow ICMP"
Fix #7118 icmp-type any
When 'any' is selected as the ICMP type, do not write 'icmp-type any' in the rule, just leave it out.
#4 Updated by Jim Pingle over 3 years ago
- Status changed from Feedback to New
This still fails for me after a gitsync.
There were error(s) loading the rules: /tmp/rules.debug:189: syntax error - The line in question reads : pass in quick on $WAN reply-to ( vmx0 198.51.100.1 ) inet proto icmp from any to 126.96.36.199 icmp-type any tracker 1484267245 keep state label "USER_RULE"