diff options
author | Rusty Russell <rusty@linuxcare.com.au> | 2000-07-30 01:10:04 +0000 |
---|---|---|
committer | Rusty Russell <rusty@rustcorp.com.au> | 2000-07-30 01:10:04 +0000 |
commit | 14f390f569679b7b656237c74d383a3860b1cbda (patch) | |
tree | 91cee54f7083770c2770da3adcc55ab6fce82480 /iptables.8 | |
parent | 8c245b5afbee1a79439e18805130a636ef96019e (diff) |
Updated REJECT documentation
Diffstat (limited to 'iptables.8')
-rw-r--r-- | iptables.8 | 13 |
1 files changed, 10 insertions, 3 deletions
@@ -530,13 +530,20 @@ returned: The type given can be .BR icmp-net-unreachable , .BR icmp-host-unreachable , -.BR icmp-port-unreachable or -.BR icmp-proto-unreachable +.BR icmp-port-unreachable , +.BR icmp-proto-unreachable , +.BR icmp-net-prohibited or +.BR icmp-host-prohibited , which return the appropriate ICMP error message (port-unreachable is the default). The option .B echo-reply is also allowed; it can only be used for rules which specify an ICMP -ping packet, and generates a ping reply. +ping packet, and generates a ping reply. Finally, the option +.B tcp-reset +can be used on rules in (or called from) the +.B INPUT +chain which only match the TCP protocol: this causes a TCP RST packet +to be sent back. .SS TOS This is used to set the 8-bit Type of Service field in the IP header. It is only valid in the |