Re: iptables REJECT types for UDP (if any)

From: Seth Arnold (sarnold@wirex.com)
Date: 11/18/02

  • Next message: Pierre Spielmann: "Re: iptables REJECT types for UDP (if any)"
    Date: Sun, 17 Nov 2002 23:13:38 -0800
    From: Seth Arnold <sarnold@wirex.com>
    To: focus-linux@securityfocus.com
    
    
    

    On Sat, Nov 16, 2002 at 06:01:58PM +0100, Miguel Angel Rodríguez Jódar wrote:
    > > using -j DROP as a target, what I want to know is what types
    > > of REJECT
    > > can be used for UDP packets? Thanks.
    >
    > AFAIK, UDP packets are not realiable, and haven't got things like the
    > RST option in their headers as TCP packets have, so dropping it is your
    > only choice.

    ICMP has a "port unreachable" packet that might fit this perfectly.
    (Type 3 code 3.) "host unreachable" is more draconian but probably gets
    the same message across. :)

    -- 
    Outlook users: please do not put my email address in your address book.
    This way, when you get infected with a virus, my address won't appear in
    the From: header. Thanks.
    
    




    Relevant Pages

    • Re: cannot establish a debug connection
      ... the protocol analyzer shows that the target is broadcasting some ... kind of udp packets; I guess that these packets are the target attempting to ... establish a debug session. ...
      (microsoft.public.windowsce.platbuilder)
    • RE: iptables REJECT types for UDP (if any)
      ... > using -j DROP as a target, what I want to know is what types ... AFAIK, UDP packets are not realiable, and haven't got things like the ... RST option in their headers as TCP packets have, so dropping it is your ...
      (Focus-Linux)