Actions
Bug #7366
closed
2.3.4: Connections (States) with proto "icmp" show a source and a destination port
Status:
Rejected
Priority:
Very Low
Assignee:
-
Category:
Rules / NAT
Target version:
-
Start date:
03/07/2017
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
Affected Architecture:
Description
Hi,
as you can see in the screenshot the state has a source and a destination port - both are equal.
Should ICMP have a port? Perhaps better show the type of icmp.
In System Log -> Firewall the ICMP messages do not have any port definitions. Perhaps there should be the type of ICMP message displayed, too.
Files
Updated by Jim Pingle over 7 years ago
- Status changed from New to Rejected
Those are not ports. It's the ICMP request ID.
Example:
vmx0 icmp 198.51.100.6:23078 -> 198.51.100.1:23078 0:0
: tcpdump -vvvni vmx0 icmp and host 198.51.100.1 and host 198.51.100.6
tcpdump: listening on vmx0, link-type EN10MB (Ethernet), capture size 262144 bytes
13:03:17.307804 IP (tos 0x0, ttl 64, id 14104, offset 0, flags [none], proto ICMP (1), length 28)
198.51.100.6 > 198.51.100.1: ICMP echo request, id 23078, seq 3336, length 8
13:03:17.308217 IP (tos 0x0, ttl 64, id 1149, offset 0, flags [none], proto ICMP (1), length 28)
198.51.100.1 > 198.51.100.6: ICMP echo reply, id 23078, seq 3336, length 8
Actions