I hope this is a quick question for the experts...I'm at a loss as to how to do this: Drop packets with dest port 4321 with the rst flag set.
Here's what the rule I have in mind would look like (iptables -L):

    target     prot opt source               destination
    DROP       tcp  --  anywhere             anywhere            tcp dpt:4321 flags:RST/RST

How can this be done in the shorewall rules file? Or do I need to create a special macro or something?

The box running shorewall is doing NAT for my LAN...so in the end I would like this rule to apply to packets heading to clients on the LAN. (something like: DROP net loc tcp 4321 with the tcp flags information added somewhere...)

I know this will leave hanging tcp sockets, but it's needed in my case :(

-- matt
