1:INPUT,FORWARD,OUTPUT 2-p icmp -m icmp --icmp-type any;=;OK 3# output uses the number, better use the name? 4# ERROR: cannot find: iptables -I INPUT -p icmp -m icmp --icmp-type echo-reply 5# -p icmp -m icmp --icmp-type echo-reply;=;OK 6# output uses the number, better use the name? 7# ERROR: annot find: iptables -I INPUT -p icmp -m icmp --icmp-type destination-unreachable 8# -p icmp -m icmp --icmp-type destination-unreachable;=;OK 9# it does not acccept name/name, should we accept this? 10# ERROR: cannot load: iptables -A INPUT -p icmp -m icmp --icmp-type destination-unreachable/network-unreachable 11# -p icmp -m icmp --icmp-type destination-unreachable/network-unreachable;=;OK 12-m icmp;;FAIL 13# we accept "iptables -I INPUT -p tcp -m tcp", why not this below? 14# ERROR: cannot load: iptables -A INPUT -p icmp -m icmp 15# -p icmp -m icmp;=;OK 16