From owner-freebsd-security Wed Nov 28 14:47:43 2001 Delivered-To: freebsd-security@freebsd.org Received: from proxy.centtech.com (moat.centtech.com [206.196.95.10]) by hub.freebsd.org (Postfix) with ESMTP id 33FDA37B41A for ; Wed, 28 Nov 2001 14:47:38 -0800 (PST) Received: from sprint.centtech.com (sprint.centtech.com [10.177.173.31]) by proxy.centtech.com (8.11.6/8.11.6) with ESMTP id fASMlbf01053 for ; Wed, 28 Nov 2001 16:47:37 -0600 (CST) Received: from centtech.com (proton [10.177.173.77]) by sprint.centtech.com (8.9.3+Sun/8.9.3) with ESMTP id QAA01400 for ; Wed, 28 Nov 2001 16:47:36 -0600 (CST) Message-ID: <3C056986.163131B9@centtech.com> Date: Wed, 28 Nov 2001 16:47:34 -0600 From: Eric Anderson Reply-To: anderson@centtech.com Organization: Centaur Technology X-Mailer: Mozilla 4.78 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-security@freebsd.org Subject: ipf return-rst Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I'm trying to figure out why my return-rst lines aren't working. Here's a sample of a line: block return-rst in quick on xl0 proto tcp from any to my.ext.ip/32 port = 23 flags S/SA and I've tried: block return-rst in quick on xl0 proto tcp from any to my.ext.ip/32 port = 23 flags Both block the connection, but timeout instead of giving the "Connection refused" line. What am I missing? Thanks! Eric -- ------------------------------------------------------------- Eric Anderson anderson@centtech.com Centaur Technology An unbreakable toy is useful for breaking other toys. ------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message