On Wed, Jan 10, 2018 at 06:59:01PM +0100, Lorenzo Bianconi wrote: > Whenever the acl reject rule is hit send back an ICMPv4 destination > unreachable packet and do not handle reject rule as drop one > > Signed-off-by: Lorenzo Bianconi <lorenzo.bianc...@redhat.com>
It's nice to finally get this right! Thank you. I wonder about the treatment for TCP connections. A connection attempt to a TCP port that is not listening ordinarily yields a TCP RST response. I do not know whether an ICMP reply is acceptable. Do you have any thoughts on that? I think that this should add an item to NEWS that describes the new feature. Thanks, Ben. _______________________________________________ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev