Page 1 of 1

Protocol 0 ????

Posted: Wed Jul 05, 2006 3:03 pm
by ddlan
H(a)i,

/ip firewall connection print
Flags: S - seen reply, A - assured 
 #    PR.. SRC-ADDRESS           DST-ADDRESS           TCP-STATE   TIMEOUT
244 SA tcp  192.168.0.242:2268    xx.xxx.xxx.xxx:32459  established 29m48s     
245    udp  xx.xx.xx.xx:6346      xxx.xxx.xxx.xxx:1039              4s         
246    0    192.168.0.242         xxx.xxx.xx.xxx                    2m36s
whats this ???
We can mangle or block this?

sry for my english

mfg
Thomas Böttcher

Posted: Wed Jul 05, 2006 3:30 pm
by Eugene
HOPOPT, IPv6 Hop-by-Hop Option.

you could both block and mangle this, just specify "0" in the protocol field.

Posted: Thu Jul 06, 2006 9:12 am
by ddlan
H(a)i,
[admin@AC] > ip fi fi                                
[admin@AC] ip firewall filter> add chain forward protocol=0 action=drop
works in Terminal, not in Winbox :evil:
Error in Protocol - decimal number in range [1;255] expected!
mfg
Thomas Böttcher