Autor: Adam D. Barratt Data: A: exim-users Assumpte: RE: [exim] RFC 1413 default on debian
On Wed, 2005-03-16 at 11:58 -0500, David Brodbeck wrote:
[...] > This is 2005. People use packet filters. That's life. Even setting your
> filter to reject can get you in trouble. If you configure a Linux ipchains
> filter to reject, it sends an ICMP Port Unreachable packet instead of a
> TCP/IP RST packet. Some versions of SunOS interpret this as a *host*
> unreachable situation and just drop all connections to that host.
I'd hope anyone using Linux for packet-filtering isn't using
ipchains. :-) (Given that it was depracated by iptables starting with
the 2.4 kernel series). Assuming iptables, doing it correctly is
trivial: