[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

REJECT rules with tcp-reset.

Hi folk.
How can I correctly create rules with REJECT and tcp-reset.
If I do
iptables -A INPUT -i eth0 -p tcp --sport 1024: -d MY.IP --dport 113 -j REJECT
--reject-with tcp-reset
iptables -A OUTPUT -o eth0 -p tcp ! --syn --dport 1024: -s MY.IP --sport 113
I wait long time when I try connect with ftp & mail services.
If I try REJECT --reject-with icmp-port-unreachable
this work quickly but slowly then I permit authentication.

What can I do in order to use tcp-reset?
May be using state rules?

I use unstable iptables 1.2.9, kernel 2.4.24

Зарегистрируйте бесплатный почтовый ящик @inet.ua

Reply to: