Score:1

Iptables --reject-with tcp-reset for non-TCP traffic


Here I was faced with a somewhat strange rule:

iptables -A INPUT -s 10.26.95.20 -j REJECT --reject-with tcp-reset

This rule matches all the protocols from a specific network and rejects them with a TCP RST packet.
How is this supposed to work with non-TCP packets? If the other end (10.26.95.20) sends a UDP packet, does it then receive a TCP RST? This looks extremely strange.

Score:2

Yeah, it makes no sense. IPTABLES also errors when I attempt to issue this on the command line (tested on CentOS 8). It can only work if -p tcp is given, which specifies that the rule is dealing with TCP traffic. Then it will work.
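Added example, not part of the question or the answer above: a shell check that scans rule lines (in `iptables -S` / iptables-save syntax) for `--reject-with tcp-reset` on a rule that is not restricted with `-p tcp`, and shows one way to split such a rule into a TCP part and a part for everything else. The function names and the sample ruleset are constructed for illustration; answering non-TCP traffic with the REJECT default (`icmp-port-unreachable`) is an assumption about what the rule's author wanted.

```shell
#!/bin/sh
# Added example: audit rule files or scripts before they are loaded.

# Reads rules on stdin, prints every rule that uses tcp-reset without
# matching only TCP. Returns 1 if at least one such rule was found.
find_bad_tcp_reset() {
    awk '
    /--reject-with[ \t]+tcp-reset/ {
        tcp = 0
        for (i = 1; i < NF; i++) {
            # "! -p tcp" is a negated match, so it does not count as TCP-only
            if (($i == "-p" || $i == "--protocol") &&
                ($(i+1) == "tcp" || $(i+1) == "6") &&
                (i == 1 || $(i-1) != "!")) {
                tcp = 1
            }
        }
        if (!tcp) { print; bad = 1 }
    }
    END { exit bad ? 1 : 0 }
    '
}

# Rewrites one offending rule into two rules: TCP gets a RST, everything
# else gets the REJECT default, icmp-port-unreachable (assumed intent).
split_reject_rule() {
    rule=$1
    base=${rule%% -j REJECT*}
    printf '%s -p tcp -j REJECT --reject-with tcp-reset\n' "$base"
    printf '%s -j REJECT --reject-with icmp-port-unreachable\n' "$base"
}

# Constructed sample ruleset; the first line is the rule from the question.
SAMPLE_RULES='-A INPUT -s 10.26.95.20 -j REJECT --reject-with tcp-reset
-A INPUT -s 10.26.95.20 -p tcp -j REJECT --reject-with tcp-reset
-A INPUT -s 10.26.95.20 -j REJECT --reject-with icmp-port-unreachable'

# Demo: list the offending rules, then print a corrected pair for each.
printf '%s\n' "$SAMPLE_RULES" | find_bad_tcp_reset | while IFS= read -r r; do
    echo "needs -p tcp: $r"
    split_reject_rule "$r"
done
```

Rule order matters in the corrected pair: the `-p tcp` rule has to come first, otherwise the catch-all rule rejects TCP with an ICMP error before the RST rule is reached.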
