Hi,

What iptables table/rule can I use to drop RST (TCP) packets that're in reply to SYN?

Below is a picture of how I think it does it if everything is accepted. (Final conntrack states in square brackets.)

  _Client_        _Firewall_        _Server_

   -SYN->           [NEW]            -SYN->
   <-RST-          [CLOSED]          <-RST-

This is what I want it to do:

   -SYN->           [NEW]            -SYN->
                   [CLOSED]          <-RST-
                      ^
                      IF TCP & [NEW]: DROP '<-RST-' & SET [CLOSED]

I've tried mucking around with some rules but instead of getting the NEW state when SYN comes along, I always get ESTABLISHED. (I think I'm using the wrong table.)

_Client_'s interface is ethC, _Server_'s interface is ethS. _Server_'s IP address is 10.0.0.1, port PORT. _Client_'s address is arbitrary.

Regards,

-- 
Atsushi Nakagawa <atnak@xxxxxxxxx>
Changes are made when there is inconvenience.