iptables reject with TCP RST

To: "debian users" <debian-user@lists.debian.org>
Subject: iptables reject with TCP RST
From: "Tom Reed" <tom@dkinbox.com>
Date: Sun, 14 May 2023 08:14:04 +0800
Message-id: <[🔎] 8845e974c6c329fd9fed4fc159b9aa78.squirrel@dkinbox.com>

Hello

I have these iptables rules which reject tcp connections with tcp rst.

/usr/sbin/iptables -A INPUT -p tcp --dport 143 -j REJECT --reject-with
tcp-reset
/usr/sbin/iptables -A INPUT -p tcp --dport 587 -j REJECT --reject-with
tcp-reset

When I telnet from another host to the protected port, it gets timeout
message as follows.

telnet: Unable to connect to remote host: Connection timed out


IIRC, timeout should happen for iptables DROP action. Since I am using
REJECT, why the connect shouldn't get disconnected quickly?

Thank you.
Tom

Reply to:

Follow-Ups:
- Re: iptables reject with TCP RST
  - From: Jeremy Ardley <jeremy@ardley.org>
- Re: iptables reject with TCP RST
  - From: Andy Smith <andy@strugglers.net>

Prev by Date: Re: how to find out regdomain/country of wifi network
Next by Date: Re: iptables reject with TCP RST
Previous by thread: Re: How to download source package using only console?
Next by thread: Re: iptables reject with TCP RST
Index(es):
- Date
- Thread