(netfilter-devel removed from CC list) On Tue, Mar 16, 2004 at 09:12:01AM -0300, Fabiano Reis wrote: > Conclusion: I think this was because the Windows implementation of TCP detects something different on this connection, maybe it detects in some way that there is a filter on the server side and this is why the time for the error message take so long to appear. Basically yes. I wouldn't say that Windows "detects something different". I would say that the Windows client isn't properly interpretating the ICMP Port Unreachable message. > Am I right? Is there a workaround for this problem? I need to make windows think that the server is really "down" and that is why i?m writting to you people. try extending your REJECT option: -j REJECT --reject-with tcp-reset which should give you the desired result, in exchange for being a crude pseudo-rejection. Joshua. -- Joshua Goodall <joshua@xxxxxxxxxxxxxxxxx> Solutions Architect / Principal Security Architect myinternet Limited.
Attachment:
signature.asc
Description: Digital signature
