Question about REPLY.
Mon Mar 3 12:25:26 CET 2003
Steven W. Orr wrote:
> Can someone tell me the functional difference between
> REPLY_AUTH="EXT tcp-reset tcp auth 0.0.0.0/0=>0.0.0.0/0"
> and simply not adding auth to the INPUT rule?
In the INPUT rules it is not possible to specify how to reply to cirtan
packets. The line given above is somewhat similar to a INPUT with policy
REJECT (which sends port-unreachable), but it is here possible to
specify how the packet is rejected. See the manpage for iptables for
more information. REJECT rules are processed before any INPUT rules.
More information about the fiaif