Re: Best way to block incoming TCP connections?

From: Olaf Titz (olaf@bigred.inka.de)
Date: Tue May 09 2000 - 12:16:06 EST


> > to learn to live with it. But the fact of the matter is that adding
> > something functionally equivalent to "--reject-with RST" should be
> > relatively easy to implement. In fact, Rusty said it was once implemented
> > but he allowed it to fall into disrepair and be removed because there was no
> > interest at the time in using it. Well obviously there now *is* some
> > interest in using such a feature. Therefore, *forcing* us to implement

That would also be the last missing link in the technique presented at
<URL:http://sites.inka.de/~bigred/misc/dod.html> for managing
dial-on-demand connections. With a firewall rule generating RST, it
would be trivially easy to automatically kill off TCP connections
lingering on closed dial-up ports.

So definitely there is demand for it.

Olaf




This archive was generated by hypermail 2b29 : Mon May 15 2000 - 21:00:14 EST