Miguel Angel Rodríguez Jódar wrote: > > using -j DROP as a target, what I want to know is what types > > of REJECT > > can be used for UDP packets? Thanks. > > AFAIK, UDP packets are not realiable
This is misleading. UDP (as opposed to TCP) is a connection-less protocol. That means that UDP itself doesn't check if packets made their way. But this doesn't make the UDP-packets themselves less reliable than TCP-packets. > haven't got things like the RST option in their headers as TCP > packets have, so dropping it is your only choice. While it is true that UDP doesn't know such a thing as RST, dropping them is _not_ the only choice. The equivalent to TCP-RST would be to send an ICMP-PortUnreachable. Phil
