> > iptables -I cus2jarwan -p tcp --dport 445 -j REJECT --reject-with tcp-reset > > > > or > > > > iptables -I cus2jarwan -p tcp --dport 445 -j DROP > > > > You definately don't want to use -J REJECT - this will do more harm > than good, as it will be generating an ICMP unreachable message for > each port 445 packet. My mistake - I didn't notice you were using "--reject-with tcp-reset". Pretty sure you'd be better off with DROP anyway. Regards, Paul
