> > Or am I not seeing your bigger picture of how REJECT would affect the sub > chains? > > I think all the OP means is DROP is valid policy target where as > REJECT isn't. The big problem though is that DROP / ACCEPT as policy > targets or jump targets require no options where as the REJECT target > can take options to control the returned ICMP code, which with the > current policy handler you couldn't specifiy. > That makes a little more sense now. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
