[UFO Chicago] NAT and port filtering
Nate Riffe
inkblot@movealong.org
Tue, 28 Jan 2003 12:18:36 -0600
Just now Robert B. Moses made 15 LEDs in my apartment flash with this:
> Right, so when all other rules don't "match" for specified action, DROP.
> Which brings me to another question, does DROP send the packed to
> /dev/null or does is repsond with a connection refused type of thing.
DROP discards the packet, and is a built-in target, like ACCEPT.
REJECT will send either an appropriate response, or the reponse you've
told it to send using the --reject-with option. REJECT is implemented
as a module in 2.4's netfilter code.
--
--< ((\))< >----< inkblot@movealong.org >----< http://www.movealong.org/ >--
American currency is neither red, white, nor blue.
pub 1024D/05A058E0 2002-03-07 Nate Riffe (06-Mar-2002) <inkblot@movealong.org>
Key fingerprint = 0DAC F5CB D182 3165 D757 C466 CD42 12A8 05A0 58E0