Jurgen Kramer <gtm.kramer@xxxxxxxxxxxx> wrote: > I noticed that with FC5t2 the iptables firewall still has the -j REJECT > --reject-with icmp-host-prohibited rule instead of a more secure -j > DROP. > What is the reason behind this? DROP is extremely rude to the other end, which times out wondering what happened to the stuff sent. How would a nice error message back saying them they aren't allowed to do $WHATEVER be less secure than just letting them hang out to dry? The end result is the same... -- Dr. Horst H. von Brand User #22616 counter.li.org Departamento de Informatica Fono: +56 32 654431 Universidad Tecnica Federico Santa Maria +56 32 654239 Casilla 110-V, Valparaiso, Chile Fax: +56 32 797513 -- fedora-test-list mailing list fedora-test-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-test-list