Richard Dicaire wrote:
I'm packet filtering UDP based on MAC address, this is working, I'm using -j DROP as a target, what I want to know is what types of REJECT can be used for UDP packets? Thanks.

From the iptables manpage:
--reject-with type
The type given can be icmp-net-unreachable, icmp-host-unreachable,
icmp-port-unreachable, icmp-proto-unreachable, icmp-net-prohibited or
icmp-host-prohibited, which return the appropriate ICMP error message
(port-unreachable is the default). The option tcp-reset can be used on rules
which only match the TCP protocol: this causes a TCP RST packet to be sent
back. This is mainly useful for blocking ident (113/tcp) probes which
frequently occur when sending mail to broken mail hosts (which won't accept
your mail otherwise).
Álvaro
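
As an added example (not part of the original thread or the manpage), this sketch prints, rather than runs, a MAC-based REJECT rule and refuses a `--reject-with` type that does not fit the protocol, which is the distinction the manpage excerpt draws for UDP. The helper name `reject_rule`, the INPUT chain and the MAC address are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: build an iptables REJECT rule for a source MAC and check
# the --reject-with type against the protocol before printing it.
# reject_rule, the INPUT chain and the MAC below are constructed for illustration.

reject_rule() {
    proto=$1
    mac=$2
    rtype=${3:-icmp-port-unreachable}   # same as iptables' default type
    case $rtype in
        icmp-net-unreachable|icmp-host-unreachable|icmp-port-unreachable)
            ;;  # ICMP errors are valid for any protocol, UDP included
        icmp-proto-unreachable|icmp-net-prohibited|icmp-host-prohibited)
            ;;
        tcp-reset)
            # Only usable on rules that match TCP
            if [ "$proto" != tcp ]; then
                echo "tcp-reset requires -p tcp, got -p $proto" >&2
                return 1
            fi
            ;;
        *)
            echo "unknown reject type: $rtype" >&2
            return 1
            ;;
    esac
    # Printed only; review the rule, then run it as root to apply it.
    echo "iptables -A INPUT -p $proto -m mac --mac-source $mac -j REJECT --reject-with $rtype"
}

# UDP from this MAC gets an ICMP port-unreachable instead of a silent drop.
reject_rule udp 00:11:22:33:44:55
# An explicit ICMP type is also fine for UDP.
reject_rule udp 00:11:22:33:44:55 icmp-host-prohibited
# tcp-reset on a UDP rule is refused by the check above.
reject_rule udp 00:11:22:33:44:55 tcp-reset || echo "(refused: tcp-reset is TCP-only)"
```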