> > I'm using bridge-nf-0.0.10-against-2.4.19.diff patch against RHL73 kernel. > > iptables -A FORWARD -p TCP -j REJECT --reject-with tcp-reset > > > > And I get the message to the kernel log: > > Does the patch below fix it?
Yep, tcp resets seem to come fine without error messages now. Thanks. How about the source address of ICMP rejects, has this always been so and/or is it easily modifiable? > cheers, > Bart > > --- linux-2.4.19/net/ipv4/netfilter/ipt_REJECT.c.old Sat Nov 2 14:46:15 2002 > +++ linux-2.4.19/net/ipv4/netfilter/ipt_REJECT.c Sat Nov 2 14:46:18 2002 > @@ -72,6 +72,8 @@ > nf_conntrack_put(nskb->nfct); > nskb->nfct = NULL; > nskb->nfcache = 0; > + nskb->physindev = NULL; > + nskb->physoutdev = NULL; > #ifdef CONFIG_NETFILTER_DEBUG > nskb->nf_debug = 0; > #endif > -- Pekka Savola "Tell me of difficulties surmounted, Netcore Oy not those you stumble over and fall" Systems. Networks. Security. -- Robert Jordan: A Crown of Swords _______________________________________________ Bridge mailing list [EMAIL PROTECTED] http://www.math.leidenuniv.nl/mailman/listinfo/bridge
