iptables

mgoins at kcp.com mgoins at kcp.com
Tue Jul 9 15:10:38 CDT 2002


I'm diggin the REJECT with tcp-reset

"Brian Densmore" <DensmoreB at ctbsonline.com>
Sent by: owner-kclug at marauder.illiana.net
07/09/02 09:59 AM

To: <kclug at kclug.org>
cc:
Subject: RE: iptables

> -----Original Message-----
> From: Jeremy Fowler [mailto:jfowler at westrope.com]
> Sent: Tuesday, July 09, 2002 9:36 AM
> To: mgoins at kcp.com; kclug at kclug.org
> Subject: RE: iptables
>
>
> Oops that should have been a REJECT with tcp-reset not an
> icmp port unreachable,
> if you want to make it look like the port is closed and not
> filtered by a
> firewall.
>
> So:
>
> iptables -t nat -I PREROUTING -i <interface> --dport <port> -s !<address> -j REJECT --reject-with tcp-reset

Cool! Thanks for the tip!

Brian
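
Added example, not part of the original thread: Python that classifies the reply to a TCP SYN probe the way a port scanner reports it, showing why a tcp-reset reads as "closed" while the default ICMP port unreachable or a DROP reads as "filtered". The packets are constructed sample bytes, and treating every ICMP type 3 reply as "filtered" is a simplifying assumption.

```python
import struct

def classify_reply(packet):
    """Classify the reply to a TCP SYN probe; packet is a raw IPv4 datagram or None."""
    if packet is None:
        return "filtered"            # DROP: no answer at all
    ihl = (packet[0] & 0x0F) * 4     # IPv4 header length in bytes
    proto, payload = packet[9], packet[ihl:]
    if proto == 6:                   # TCP
        flags = payload[13]
        if flags & 0x04:             # RST set
            return "closed"
        if (flags & 0x12) == 0x12:   # SYN+ACK
            return "open"
    elif proto == 1 and payload[0] == 3:
        # Assumption: every ICMP destination-unreachable (type 3) counts as filtered
        return "filtered"
    return "unknown"

def ipv4(proto, payload):
    """Wrap payload in a minimal IPv4 header (constructed sample data, checksum 0)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return hdr + payload

def tcp(flags):
    """20-byte TCP header: ports 80 -> 40000, data offset 5, given flags."""
    return struct.pack("!HHIIBBHHH", 80, 40000, 0, 1, 5 << 4, flags, 0, 0, 0)

def icmp_unreachable(code):
    """ICMP type 3 header with the given code (quoted original packet omitted)."""
    return struct.pack("!BBHI", 3, code, 0, 0)

# Constructed replies, keyed by the firewall behaviour that would produce them
SAMPLES = {
    "REJECT --reject-with tcp-reset": ipv4(6, tcp(0x14)),          # RST+ACK
    "REJECT (icmp-port-unreachable)": ipv4(1, icmp_unreachable(3)),
    "DROP": None,
    "no rule, service listening": ipv4(6, tcp(0x12)),              # SYN+ACK
}

if __name__ == "__main__":
    for rule, reply in SAMPLES.items():
        print(f"{rule:34} -> {classify_reply(reply)}")
```

When applying the rule itself, note that `--reject-with tcp-reset` only works on rules that match TCP (`-p tcp`), and the REJECT target is valid only in the INPUT, FORWARD and OUTPUT chains and user-defined chains called from them.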



