Iptables can be configured to reject a packet with an action such as sending TCP_RST or ICMP_HOST_UNREACHABLE packets back to the source. Like this:
iptables -A INPUT -p TCP --dport 22 -j REJECT --reject-with tcp-reset
What address does iptables use as the “srcIp” of the TCP_RST segment it sends back to the host? Is it the “destIp” of the packet it received? Or is it the IP address configured on the interface from which the packet was received?
The INPUT table affects only those packets whose destIp is “owned” by the host. Since the sender is expecting a response from the destIp, the TCP_RST will be returned with the original destIp as its srcIp. If the TCP_RST were returned from any other address, the original sender wouldn’t recognize it as a reply to the packet it had transmitted.
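The mirroring the answer describes can be checked directly on a capture: a reset that answers a SYN must be sourced from the SYN's destination address, carry the ports swapped, set RST|ACK and acknowledge seq+1, otherwise the client's TCP stack discards it. The script below is an added example, not code from the question or the answer; it builds two constructed IPv4/TCP header pairs with standard-library `struct` (a SYN to port 22, then a RST sourced from the original destination and one sourced from a different address on the same host) and runs that check over them. Addresses, ports and sequence numbers are made-up sample values.

```python
import struct
import socket

# TCP flag bits used below.
TCP_SYN, TCP_RST, TCP_ACK = 0x02, 0x04, 0x10


def _checksum(data: bytes) -> int:
    """Standard ones'-complement checksum used by IPv4 and TCP headers."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_packet(src, dst, sport, dport, seq, ack, flags, ttl=64) -> bytes:
    """Build a minimal IPv4 + TCP header pair with no payload (constructed sample data)."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags, 65535, 0, 0)
    pseudo = socket.inet_aton(src) + socket.inet_aton(dst) + struct.pack("!BBH", 0, 6, len(tcp))
    tcp = tcp[:16] + struct.pack("!H", _checksum(pseudo + tcp)) + tcp[18:]
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, ttl, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    ip = ip[:10] + struct.pack("!H", _checksum(ip)) + ip[12:]
    return ip + tcp


def parse_packet(raw: bytes) -> dict:
    """Pull addresses, ports, seq/ack and flags out of a raw IPv4/TCP packet."""
    ihl = (raw[0] & 0x0F) * 4
    ttl, proto, src, dst = struct.unpack("!BB2x4s4s", raw[8:20])
    if proto != 6:
        raise ValueError("not a TCP packet")
    sport, dport, seq, ack, off, flags = struct.unpack("!HHIIBB", raw[ihl:ihl + 14])
    return {"src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
            "sport": sport, "dport": dport, "seq": seq, "ack": ack, "flags": flags}


def is_reset_for(orig_raw: bytes, rst_raw: bytes) -> bool:
    """True when rst_raw is a reset the sender of orig_raw would accept:
    addresses and ports mirrored, RST set, and (for a bare SYN) ACK == seq + 1."""
    o, r = parse_packet(orig_raw), parse_packet(rst_raw)
    if not r["flags"] & TCP_RST:
        return False
    # Source of the RST must be the destination the client originally addressed.
    if (r["src"], r["dst"], r["sport"], r["dport"]) != (o["dst"], o["src"], o["dport"], o["sport"]):
        return False
    if not o["flags"] & TCP_ACK:
        # Bare SYN: the reset must carry ACK and acknowledge the SYN's sequence number.
        return bool(r["flags"] & TCP_ACK) and r["ack"] == (o["seq"] + 1) & 0xFFFFFFFF
    # Segment carried an ACK: the reset's seq must equal that ACK value.
    return r["seq"] == o["ack"]


# Constructed sample traffic: a client SYN to port 22 and two candidate resets.
SYN = build_packet("192.0.2.10", "198.51.100.5", 40000, 22, 1000, 0, TCP_SYN)
# Reset sourced from the address the client actually contacted: accepted.
GOOD_RST = build_packet("198.51.100.5", "192.0.2.10", 22, 40000, 0, 1001, TCP_RST | TCP_ACK)
# Same reset sourced from another address on the host: the client would discard it.
BAD_RST = build_packet("198.51.100.1", "192.0.2.10", 22, 40000, 0, 1001, TCP_RST | TCP_ACK)

if __name__ == "__main__":
    print(is_reset_for(SYN, GOOD_RST))  # True
    print(is_reset_for(SYN, BAD_RST))   # False
```

On a live host the same check can be run against a tcpdump capture of port 22 after applying the REJECT rule: the RST's source address will match the SYN's destination regardless of which interface address the packet arrived through.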