lazy subchain protocol propagation is broken for icmpv6-type #96
Description
Given the minimal example
domain ip6 {
table filter {
chain INPUT {
proto icmpv6 subchain "test" {
icmpv6-type echo-request ACCEPT;
}
}
}
}
ferm 2.5.1 as well as current git cause ip6tables to fail with unknown option "--icmpv6-type" error.
They do generate this command:
/usr/sbin/ip6tables-legacy -t filter -A test --icmpv6-type echo-request --jump ACCEPT
Whereas ferm 2.4 generates the correct command including the needed --protocol icmpv6:
/sbin/ip6tables -t filter -A test --protocol icmpv6 --icmpv6-type echo-request --jump ACCEPT