Project

General

Profile

Actions

Bug #7366

closed

2.3.4: Connections (States) with proto "icmp" show a source and a destination port

Added by Alexander Wilke about 7 years ago. Updated about 7 years ago.

Status:
Rejected
Priority:
Very Low
Assignee:
-
Category:
Rules / NAT
Target version:
-
Start date:
03/07/2017
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
Affected Architecture:

Description

Hi,

as you can see in the screenshot the state has a source and a destination port - both are equal.
Should ICMP have a port? Perhaps better show the type of icmp.

In System Log -> Firewall the ICMP messages do not have any port definitions. Perhaps there should be the type of ICMP message displayed, too.


Files

icmp_with_ports.png (34.1 KB) icmp_with_ports.png Alexander Wilke, 03/07/2017 11:40 AM
Actions #1

Updated by Jim Pingle about 7 years ago

  • Status changed from New to Rejected

Those are not ports. It's the ICMP request ID.

Example:

vmx0 icmp 198.51.100.6:23078 -> 198.51.100.1:23078       0:0

: tcpdump -vvvni vmx0 icmp and host 198.51.100.1 and host 198.51.100.6
tcpdump: listening on vmx0, link-type EN10MB (Ethernet), capture size 262144 bytes
13:03:17.307804 IP (tos 0x0, ttl 64, id 14104, offset 0, flags [none], proto ICMP (1), length 28)
    198.51.100.6 > 198.51.100.1: ICMP echo request, id 23078, seq 3336, length 8
13:03:17.308217 IP (tos 0x0, ttl 64, id 1149, offset 0, flags [none], proto ICMP (1), length 28)
    198.51.100.1 > 198.51.100.6: ICMP echo reply, id 23078, seq 3336, length 8
Actions

Also available in: Atom PDF