> "So if I have my firewall rules to reject TCP on port 113 (auth/ident), > our Digital Unix smtp server spends a long time retrying with the same > SYN packet. > > The net result is that sending mail takes ages, because the remote smtp > server won't accept mail until the connection to my port 113 times out." The digital setup is broken then. Note that ICMP is _optional_ even. You shouldnt use ident when doing SMTP, thats plain *dumb*. Ident provides no security information of any value and is likely to cause unmailable sites due to long timeouts. There are several sites that mail from me to them just fails due to this. I no longer care about their flawed setup. Alan - To unsubscribe from this list: send the line "unsubscribe linux-net" in the body of a message to [EMAIL PROTECTED]
- Re: ICMP dest-unreach in SYN_* states of TCP kuznet
- Re: ICMP dest-unreach in SYN_* states of TCP Jamie Lokier
- Re: ICMP dest-unreach in SYN_* states of TCP kuznet
- Re: ICMP dest-unreach in SYN_* states of TCP Jamie Lokier
- Re: ICMP dest-unreach in SYN_* states of TCP kuznet
- Re: ICMP dest-unreach in SYN_* states of TCP Jamie Lokier
- Re: ICMP dest-unreach in SYN_* states of TCP Jamie Lokier
- Re: ICMP dest-unreach in SYN_* states of TCP kuznet
- Re: ICMP dest-unreach in SYN_* states of TCP Paul Rusty Russell
- Re: ICMP dest-unreach in SYN_* states of TCP Dan Hollis
- Re: ICMP dest-unreach in SYN_* states of TCP Alan Cox
- Re: ICMP dest-unreach in SYN_* states of TCP Matti Aarnio
- Re: ICMP dest-unreach in SYN_* states of TCP Taral
- Re: ICMP dest-unreach in SYN_* states of TCP Tim Fletcher
- Re: ICMP dest-unreach in SYN_* states of TCP Taral
- Re: ICMP dest-unreach in SYN_* states of TCP kuznet
- Re: ICMP dest-unreach in SYN_* states of TCP Jamie Lokier
