Uploaded image for project: 'Red Hat OpenStack Services on OpenShift'
  1. Red Hat OpenStack Services on OpenShift
  2. OSPRH-21108

[RFE] The ICMP type deny rule didn't work and all ICMP traffic was blocked.

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Normal Normal
    • None
    • None
    • tripleo-ansible
    • None
    • False
    • Hide

      None

      Show
      None
    • False
    • ?
    • rhos-ops-day1day2-edpm
    • None
    • Moderate

      There is a Jira ticket[1] related to this, but it seems that this is an unsupported feature, so I am request an RFE.

       

      I've tried several times to set up ICMP timestamp rules [2]on rhosp17.1,

      but it did not work. all ICMP traffic was blocked.

       

      The existing ticket is quite old and hasn't been updated for some time.

      the customer is currently waiting to hear whether this feature will be supported.

       

      Could you please confirm if is this a supported feature or not?

      If a feature is not supported, can it be supported?

       

       [1]

       https://issues.redhat.com/browse/OSPRH-18373

       [2]

      ~~~

      parameter_defaults:
        ExtraFirewallRules:
          '000 drop icmp timestamp':
            proto: icmp
            type: 13
            jump: DROP
            ipversion: ipv4
          '000 drop icmp timestamp reply':
            proto: icmp
            type: 14
            jump: DROP
            ipversion: ipv4

      ~~~

       

       

              Unassigned Unassigned
              rhn-support-chopark Chorong Park
              rhos-dfg-df
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: