bugzilla-daemon@netfilter.org
2003-Mar-17 21:05 UTC
[Bug 66] New: INPUT REJECT target needs state creation in OUTPUT
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=66 Summary: INPUT REJECT target needs state creation in OUTPUT Product: netfilter/iptables Version: linux-2.4.x Platform: i386 OS/Version: other Status: NEW Severity: normal Priority: P2 Component: ip_tables (kernel) AssignedTo: laforge@netfilter.org ReportedBy: netfilterbug@shemesh.biz CC: netfilter-buglog@lists.netfilter.org Sending a packet with no flags at all, where this packet matches a REJECT rule on INPUT, does not function as expected. The reject packet is not issued unless there is an OUTPUT rule specifically accepting RST packets (or ICMPs, if that is the type of REJECT). When the original packet carries a SYN flag, the above condition does not happen. ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.