Created attachment 493 [details] screenshot of the firewall log showing protocol type "47" In the WebIF (Logs|Firewall Log), the page shows the protocol type, too. However, in case of a protocol different than TCP and UDP, it only lists the protocol number (see screenshot, protocol #47 -> GRE). The log file shows that this information is parsed corretly: Jan 15 11:55:44 firewall kernel: DROP_INPUT IN=ppp0 OUT= MAC= SRC=1.34.187.[REDACTED] DST=188.[REDACTED] LEN=52 TOS=0x00 PREC=0x00 TTL=41 ID=55353 DF PROTO=47 MARK=0xd2 While this is not necessarily an error, it might be useful to display the name of the protocol, too, so the user will not have to look it up. A list of IP protocol numbers is available here: https://en.wikipedia.org/wiki/List_of_IP_protocol_numbers
i will have a look at it.
Something similar happens here with protocol number 4 (IP-in-IP encapsulation): 16:28:19 IN=ppp0 OUT= MAC=[REDACTED] SRC=87.123.XXX.XXX DST=87.173.XXX.XXX LEN=106 TOS=0x00 PREC=0x00 TTL=59 ID=0 DF PROTO=4 MARK=0xcb
This is more or less a firewall bug, but not a critical one.
I've send a patch to the development mailing list to fix this issue. https://patchwork.ipfire.org/project/ipfire/patch/20210713165851.3261-1-stefan.schantl@ipfire.org/ Please test and provide some feedback. Thanks in advance, -Stefan
https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=ca1f4a07abec374b319c29e2f08fce621483bdd0
https://blog.ipfire.org/post/ipfire-2-27-core-update-160-available-for-testing
https://blog.ipfire.org/post/ipfire-2-27-core-update-160-released