[EMAIL PROTECTED] wrote: > But generally: linux will send fake RSTs only via my corpse. > If firewalls will start to use RST instead of ICMP, we have to > ignore RST in established state. Is it good? The question is rethoric. What's wrong with sending RSTs? It is exactly the same behaviour as an absent service. A different token to "reject" e.g. "tcprst" makes it the sysadmin's fault if it is wrong :-) I can't see why we'd have to ignore RSTs in an established state. Care to give an example? thanks, -- Jamie ps. "rhetorical" - To unsubscribe from this list: send the line "unsubscribe linux-net" in the body of a message to [EMAIL PROTECTED]
- ICMP dest-unreach in SYN_* states of TCP Taral
- Re: ICMP dest-unreach in SYN_* states of TCP kuznet
- Re: ICMP dest-unreach in SYN_* states of TCP Jamie Lokier
- Re: ICMP dest-unreach in SYN_* states of TCP kuznet
- Re: ICMP dest-unreach in SYN_* states of TCP Jamie Lokier
- Re: ICMP dest-unreach in SYN_* states o... kuznet
- Re: ICMP dest-unreach in SYN_* stat... Taral
- Re: ICMP dest-unreach in SYN_* ... kuznet
- Re: ICMP dest-unreach in SYN_* ... Jamie Lokier
- Re: ICMP dest-unreach in SYN_* ... kuznet
- Re: ICMP dest-unreach in SYN_* ... Jamie Lokier
- Re: ICMP dest-unreach in SYN_* ... kuznet
- Re: ICMP dest-unreach in SYN_* ... Jamie Lokier
- Re: ICMP dest-unreach in SYN_* ... Taral
- Re: ICMP dest-unreach in SYN_* ... Jamie Lokier
