REJECT rules with tcp-reset.
Hi folks.
How can I correctly create rules with REJECT and tcp-reset?
If I do
iptables -A INPUT -i eth0 -p tcp --sport 1024: -d MY.IP --dport 113 -j REJECT --reject-with tcp-reset
iptables -A OUTPUT -o eth0 -p tcp ! --syn --dport 1024: -s MY.IP --sport 113 -j ACCEPT
I wait a long time when I try to connect to ftp & mail services.
If I try REJECT --reject-with icmp-port-unreachable
this works quickly, but more slowly than when I permit authentication.
What can I do in order to use tcp-reset?
Maybe using state rules?
I use unstable iptables 1.2.9, kernel 2.4.24
Thanx.