16 Apr
2019
16 Apr
'19
11:52 a.m.
I would replace DROP by REJECT. DROP means the system
will wait till the packet times out.
For outgoing connections this may cause issues as the daemon that sends the unreachable
will also wait till the packet times out before continuing
No, outgoing ICMP "destination unreachable" is not an outgoing connect and it
makes no sense to REJECT them...
(this kind of packet should not be replied to)
Rob
2048
days inactive
2048
days old
0 comments
1 participants
participants (1)
-
Rob Janssen