2 * firewall3 - 3rd OpenWrt UCI firewall implementation
4 * Copyright (C) 2013 Jo-Philipp Wich <jo@mein.io>
6 * Permission to use, copy, modify, and/or distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19 #ifndef __FW3_ICMP_CODES_H
20 #define __FW3_ICMP_CODES_H
23 struct fw3_icmptype_entry {
30 /* taken from iptables extensions/libipt_icmp.c */
31 static const struct fw3_icmptype_entry fw3_icmptype_list_v4[] = {
32 { "any", 0xFF, 0, 0xFF },
33 { "echo-reply", 0, 0, 0xFF },
34 /* Alias */ { "pong", 0, 0, 0xFF },
36 { "destination-unreachable", 3, 0, 0xFF },
37 { "network-unreachable", 3, 0, 0 },
38 { "host-unreachable", 3, 1, 1 },
39 { "protocol-unreachable", 3, 2, 2 },
40 { "port-unreachable", 3, 3, 3 },
41 { "fragmentation-needed", 3, 4, 4 },
42 { "source-route-failed", 3, 5, 5 },
43 { "network-unknown", 3, 6, 6 },
44 { "host-unknown", 3, 7, 7 },
45 { "network-prohibited", 3, 9, 9 },
46 { "host-prohibited", 3, 10, 10 },
47 { "TOS-network-unreachable", 3, 11, 11 },
48 { "TOS-host-unreachable", 3, 12, 12 },
49 { "communication-prohibited", 3, 13, 13 },
50 { "host-precedence-violation", 3, 14, 14 },
51 { "precedence-cutoff", 3, 15, 15 },
53 { "source-quench", 4, 0, 0xFF },
55 { "redirect", 5, 0, 0xFF },
56 { "network-redirect", 5, 0, 0 },
57 { "host-redirect", 5, 1, 1 },
58 { "TOS-network-redirect", 5, 2, 2 },
59 { "TOS-host-redirect", 5, 3, 3 },
61 { "echo-request", 8, 0, 0xFF },
62 /* Alias */ { "ping", 8, 0, 0xFF },
64 { "router-advertisement", 9, 0, 0xFF },
66 { "router-solicitation", 10, 0, 0xFF },
68 { "time-exceeded", 11, 0, 0xFF },
69 /* Alias */ { "ttl-exceeded", 11, 0, 0xFF },
70 { "ttl-zero-during-transit", 11, 0, 0 },
71 { "ttl-zero-during-reassembly", 11, 1, 1 },
73 { "parameter-problem", 12, 0, 0xFF },
74 { "ip-header-bad", 12, 0, 0 },
75 { "required-option-missing", 12, 1, 1 },
77 { "timestamp-request", 13, 0, 0xFF },
79 { "timestamp-reply", 14, 0, 0xFF },
81 { "address-mask-request", 17, 0, 0xFF },
83 { "address-mask-reply", 18, 0, 0xFF }
86 /* taken from iptables extensions/libip6t_icmp6.c */
87 static const struct fw3_icmptype_entry fw3_icmptype_list_v6[] = {
88 { "destination-unreachable", 1, 0, 0xFF },
89 { "no-route", 1, 0, 0 },
90 { "communication-prohibited", 1, 1, 1 },
91 { "address-unreachable", 1, 3, 3 },
92 { "port-unreachable", 1, 4, 4 },
94 { "packet-too-big", 2, 0, 0xFF },
96 { "time-exceeded", 3, 0, 0xFF },
97 /* Alias */ { "ttl-exceeded", 3, 0, 0xFF },
98 { "ttl-zero-during-transit", 3, 0, 0 },
99 { "ttl-zero-during-reassembly", 3, 1, 1 },
101 { "parameter-problem", 4, 0, 0xFF },
102 { "bad-header", 4, 0, 0 },
103 { "unknown-header-type", 4, 1, 1 },
104 { "unknown-option", 4, 2, 2 },
106 { "echo-request", 128, 0, 0xFF },
107 /* Alias */ { "ping", 128, 0, 0xFF },
109 { "echo-reply", 129, 0, 0xFF },
110 /* Alias */ { "pong", 129, 0, 0xFF },
112 { "router-solicitation", 133, 0, 0xFF },
114 { "router-advertisement", 134, 0, 0xFF },
116 { "neighbour-solicitation", 135, 0, 0xFF },
117 /* Alias */ { "neighbor-solicitation", 135, 0, 0xFF },
119 { "neighbour-advertisement", 136, 0, 0xFF },
120 /* Alias */ { "neighbor-advertisement", 136, 0, 0xFF },
122 { "redirect", 137, 0, 0xFF },
projects / project / firewall3.git / blob