I had a previous pull request at #73 (I can't work out how to update this, and as I've deleted and reforked my repo it might not even be possible. I am a git idiot.)
I've started from scratch and we can now take pkttype => broadcast, etc. as an option.
In the original pull request there were three things to fix and I want to enquire about them before I take the next step to try and add them in:
It looks like pkttype can only take a single value at once. Do I still need to make it accept an array? I'm assuming this is something to do with "other, non-iptables firewalls might allow multiple entries." Is that the case? I wanted to be sure before I try to make it an array.
If so, I take it I convert the type/ part to take an array and then test and fail in iptables/ip6tables.rb if they try to use an array, to protect iptables users?
The second part: The correct order. Is there a correct order for these? I guess I can skip that for now.
The third part: I have no idea what to do about that. :(
Add in pkttype for matching multicast packets.
Add testing for pkttype.
After doing this I wonder - should I change pkttype to packet_type to make this more obvious?
Looks like this needs rebasing, can you rebase from master and raise this again? Also - I don't see a redmine ticket referenced in this pull request - can you raise a redmine request please? (under the 'firewall' category).