On Wednesday 2008-04-23 20:31, Gilad Benjamini wrote:
>I am using iptables to firewall connections on a bridge.
>
>The rule below (minimized for the sake of the example) works
>   iptables -A FORWARD -p tcp -j REJECT
>
>A TCP-reset variation doesn't work
>   iptables -A FORWARD -p tcp -j REJECT --reject-with tcp-reset
>
>The TCP packets don't go through, but I don't see a RST, or any other
>packet, coming back.
>My options are:
>  a. Something is wrong in my configuration
>  b. This isn't supposed to work
>  c. This doesn't work because of a bug
>  d. None of the above
>
>Which is it?

Since missing features may be perceived as bugs but which of course
are not, it would be 0.5*c+0.5*d.

http://marc.info/?l=netfilter-devel&m=120716501006420&w=2