Page 1 of 1

Protocol 0 ????

Posted: Wed Jul 05, 2006 3:03 pm
by ddlan

/ip firewall connection print
Flags: S - seen reply, A - assured 
 #    PR.. SRC-ADDRESS           DST-ADDRESS           TCP-STATE   TIMEOUT
244 SA tcp  established 29m48s     
245    udp  xx.xx.xx.xx:6346              4s         
246    0                    2m36s
whats this ???
We can mangle or block this?

sry for my english

Thomas Böttcher

Posted: Wed Jul 05, 2006 3:30 pm
by Eugene
HOPOPT, IPv6 Hop-by-Hop Option.

you could both block and mangle this, just specify "0" in the protocol field.

Posted: Thu Jul 06, 2006 9:12 am
by ddlan
[admin@AC] > ip fi fi                                
[admin@AC] ip firewall filter> add chain forward protocol=0 action=drop
works in Terminal, not in Winbox :evil:
Error in Protocol - decimal number in range [1;255] expected!
Thomas Böttcher