Re: What to return for AUTH tcp/113 requests?

To: moseley@hank.org
Cc: debian-firewall@lists.debian.org
Subject: Re: What to return for AUTH tcp/113 requests?
From: Daniel Pittman <daniel@rimspace.net>
Date: Fri, 30 May 2003 09:59:26 +1000
Message-id: <[🔎] 87ptm1s3s1.fsf@enki.rimspace.net>
In-reply-to: <[🔎] 20030529132248.GB401@hank.org> (moseley@hank.org's message of "Thu, 29 May 2003 06:22:51 -0700")
References: <[🔎] 20030529132248.GB401@hank.org>

On Thu, 29 May 2003, moseley@hank.org wrote:
> I belive it's not good to just drop the auth (ident) requests -- IIRC
> it makes mail clients delay.
> 
> So the question is how should they be rejected?
> 
>    reject-with icmp-port-unreachable
> or
>    reject-with tcp-reset

I never encountered a problem with either IRC or mail when I rejected
with ICMP prot administratively prohibited; that is also true. :)

     Daniel

-- 
When I admire the wonder of a sunset or the beauty of the moon,
my soul expands in worship of the Creator.
        -- Mohandas K. Gandhi

Reply to:

Follow-Ups:
- Blocking icmp (was: What to return for AUTH tcp/113 requests?)
  - From: Frank Matthieß <frankm@lug-owl.de>

References:
- What to return for AUTH tcp/113 requests?
  - From: moseley@hank.org

Prev by Date: What to return for AUTH tcp/113 requests?
Next by Date: Blocking icmp (was: What to return for AUTH tcp/113 requests?)
Previous by thread: What to return for AUTH tcp/113 requests?
Next by thread: Blocking icmp (was: What to return for AUTH tcp/113 requests?)
Index(es):
- Date
- Thread