> -----Original Message-----
> From: Jeremy Fowler [mailto:jfowler@westrope.com]
> Sent: Tuesday, July 09, 2002 9:36 AM
> To: mgoins@kcp.com; kclug@kclug.org
> Subject: RE: iptables
> 
> 
> Oops that should have been a REJECT with tcp-reset not an 
> icmp port unreachable,
> if you want to make it look like the port is closed and not 
> filtered by a
> firewall.
> 
> So:
> 
> iptables -t nat -I PREROUTING -i <interface> --dport <port> >  -s !<address> -j REJECT 
--reject-with tcp-reset
Cool! Thanks for the tip!

Brian