I'm trying to figure out how to set up a rule to reply properly to a connection attempt to a filtered port, with no success. ip6tables -I INPUT -p tcp --dport 23 -j REJECT --reject-with tcp-reset sends an icmp6-port-unreachable (default action for REJECT); removing the rule (i.e.: trying to connect to a closed unfiltered port) produces the expected RST. No problems getting other error messages (icmp6-no-route, icmp6-addr-unreachable, ...). send_reset() is defined in net/ipv6/netfilter/ip6t_REJECT.c and looks like is called properly in reject6_target(). With IPv4 always worked fine. I'm using vanilla kernel 2.6.22.3 and iptables 1.3.8.
