[Shorewall-users] reject with tcp rst

Tom Eastep teastep@shorewall.net
Mon, 7 Jan 2002 06:54:12 -0800

On Monday 07 January 2002 06:29 am, Riccardo Valente wrote:
> Is it possible to specify the action taken on reject? I believe netfilt=
> sends an ICMP "destination unreachable" message, but I'd like to config=
> shorewall to reject TCP connections to specific ports using a TCP RST
> packet. Any idea?

The later versions of Shorewall already do that (unless you've found a ca=
that I missed).

Tom Eastep    \ A Firewall for Linux 2.4.*
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net