On Sat, 2 Nov 2002, Bart De Schuymer wrote: > On Saturday 02 November 2002 14:00, Pekka Savola wrote: > > > Does the patch below fix it? > > > > Yep, tcp resets seem to come fine without error messages now. Thanks. > > > > How about the source address of ICMP rejects, has this always been so > > and/or is it easily modifiable? > > Does this incremental patch fix that?
Unfortunately not .. 0.0.0.0 will be used as the source address instead. > --- linux-2.4.19/net/ipv4/netfilter/ipt_REJECT.c.old Sat Nov 2 15:34:39 2002 > +++ linux-2.4.19/net/ipv4/netfilter/ipt_REJECT.c Sat Nov 2 15:36:16 2002 > @@ -245,7 +245,7 @@ > iph->ttl = MAXTTL; > ip_select_ident(iph, &rt->u.dst, NULL); > iph->protocol=IPPROTO_ICMP; > - iph->saddr=rt->rt_src; > + iph->saddr=saddr; > iph->daddr=rt->rt_dst; > iph->check=0; > iph->check = ip_fast_csum((unsigned char *)iph, iph->ihl); > -- Pekka Savola "Tell me of difficulties surmounted, Netcore Oy not those you stumble over and fall" Systems. Networks. Security. -- Robert Jordan: A Crown of Swords _______________________________________________ Bridge mailing list [EMAIL PROTECTED] http://www.math.leidenuniv.nl/mailman/listinfo/bridge
