recently I read ios 12.4 configuration guide chapter about CBAC and what I was surprised by were the following: "Restrictions
CBAC has the following restrictions:
CBAC is available only for IP protocol traffic. Only TCP and UDP packets are inspected. (Other IP traffic, such as ICMP, cannot be inspected with CBAC and should be filtered with basic access lists instead.)" And right several chapters later I saw one called "Firewall Stateful Inspection of ICMP" which states that some types of ICMP can be inspected by CBAC. Isn't this a contradiction on documentation? Why two chapters of the same gude say quite opposite things?
Thanks for replies