On Wed, Jun 26, 2013 at 05:16:28PM -0400, Phil Oester wrote: > As reported by Casper Gripenberg, in a bridged setup, using ip[6]t_REJECT > with the tcp-reset option sends out reset packets with the src MAC address > of the local bridge interface, instead of the MAC address of the intended > destination. This causes some routers/firewalls to drop the reset packet > as it appears to be spoofed. Fix this by bypassing ip[6]_local_out and > setting the MAC of the sender in the tcp reset packet. > > This closes netfilter bugzilla #531. Applied, thanks Phil. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
