[plug] iptables rules
Matt Kemner
zombie at penguincare.com.au
Tue May 20 15:47:01 WST 2003
On Tue, 20 May 2003, quoth Jon Miller:
> I do not use REJECT but instead use DROP as I understand there is no
> reply whereas with REJECT there is. What I have is several ports that
> states filtered and this I do not want to see when a port scan takes
> place.
It shows up as filtered _because_ there is no reply.
When normally ports reply with a RST, and certain ports reply with nothing,
it shows there is a firewall dropping traffic - which is why nmap shows
the port as filtered.
If you want the port to appear closed, send the tcp-reset as per my
previous email on this subject.
Regards,
- Matt
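
The distinction described in the reply above, as an added example that is not part of the original post: a connect probe for checking your own firewall rules, which reports "closed" when a RST comes back and "filtered" when nothing comes back. The function names `probe` and `loopback_demo` and the port number in the comment are assumptions made for illustration.

```python
import errno
import socket


def probe(host, port, timeout=0.5):
    """Classify a TCP port from what comes back to a connection attempt.

    SYN/ACK          -> "open"
    RST              -> "closed"   (no listener, or a rule such as
                                    -j REJECT --reject-with tcp-reset)
    silence or ICMP  -> "filtered" (for example a -j DROP rule)
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        err = s.connect_ex((host, port))
    except socket.timeout:
        return "filtered"
    finally:
        s.close()
    if err == 0:
        return "open"
    if err == errno.ECONNREFUSED:
        return "closed"
    # Timeout or unreachable errors: no RST arrived, so a filter is implied.
    return "filtered"


def loopback_demo():
    """Constructed check on 127.0.0.1: one listening port, one unused port."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    open_port = listener.getsockname()[1]

    spare = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    spare.bind(("127.0.0.1", 0))
    closed_port = spare.getsockname()[1]
    spare.close()  # nothing listens here now, so the kernel answers with RST

    try:
        return probe("127.0.0.1", open_port), probe("127.0.0.1", closed_port)
    finally:
        listener.close()


if __name__ == "__main__":
    # To compare rules, probe a port on your own host (8080 is a placeholder)
    # once behind -j DROP and once behind -j REJECT --reject-with tcp-reset.
    print(loopback_demo())
```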