* Markus Zeilinger <mz@xxxxxxxxxxxxxxxxxx> 31. May 04: > Hi Frank, Hello, > thx for you prompt answer! No problem. Thanks for not top posting you next reply. Thanks for not mangeling threading by setting a Reference: header with a real mailreader. > - Thy is DROP bad here? As I see REJECT would send an error message back to > the source, but this would not make any sense on packets coming on the WAN > interface with private IP addresses, or am I wrong? It would be kinda polite to point the sender of the packets to his misconfigured box. REJECT is like yelling 'Hey, you are wrong!' DROPping is like closing your eyes to somebodys problem. Anyway, it's you decision right here. > - Why is INPUT not appropriated here? Should I do the dropping earlier > perhaps in the mangle table? Forget it, everything fine. I saw a -d for a -s. BTW: never filter anything in mangle. HTH, regards, Frank. -- Sigmentation fault
