My scenario is slightly different. tcpdump doesn't show ANY response, with the right or wrong MAC.
Ubuntu 7.10, kernel 2.6.22-14

2008/4/23, Jan Engelhardt <jengelh@xxxxxxxxxxxxxxx>:
>
> On Wednesday 2008-04-23 20:31, Gilad Benjamini wrote:
>
> >I am using iptables to firewall connections on a bridge.
> >
> >The rule below (minimized for the sake of the example) works
> >   iptables -A FORWARD -p tcp -j REJECT
> >
> >A TCP-reset variation doesn't work
> >   iptables -A FORWARD -p tcp -j REJECT --reject-with tcp-reset
> >
> >The TCP packets don't go through, but I don't see a RST, or any other
> >packet, coming back.
> >My options are:
> >  a. Something is wrong in my configuration
> >  b. This isn't supposed to work
> >  c. This doesn't work because of a bug
> >  d. None of the above
> >
> >Which is it?
>
>
> Since missing features may be perceived as bugs but which of course
> are not, it would be 0.5*c+0.5*d.
>
> http://marc.info/?l=netfilter-devel&m=120716501006420&w=2