diff options
author | rusty <rusty> | 2000-07-30 01:10:04 +0000 |
---|---|---|
committer | rusty <rusty> | 2000-07-30 01:10:04 +0000 |
commit | 64907cece9311d1c339b15eda3f3b4d43f916764 (patch) | |
tree | 91cee54f7083770c2770da3adcc55ab6fce82480 | |
parent | 45d299bd79bac718a369e0c191bad158471ff91f (diff) |
Updated REJECT documentation
-rw-r--r-- | iptables.8 | 13 |
1 files changed, 10 insertions, 3 deletions
@@ -530,13 +530,20 @@ returned: The type given can be .BR icmp-net-unreachable , .BR icmp-host-unreachable , -.BR icmp-port-unreachable or -.BR icmp-proto-unreachable +.BR icmp-port-unreachable , +.BR icmp-proto-unreachable , +.BR icmp-net-prohibited or +.BR icmp-host-prohibited , which return the appropriate ICMP error message (port-unreachable is the default). The option .B echo-reply is also allowed; it can only be used for rules which specify an ICMP -ping packet, and generates a ping reply. +ping packet, and generates a ping reply. Finally, the option +.B tcp-reset +can be used on rules in (or called from) the +.B INPUT +chain which only match the TCP protocol: this causes a TCP RST packet +to be sent back. .SS TOS This is used to set the 8-bit Type of Service field in the IP header. It is only valid in the |