Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Philipp Schulte (pschulte_at_uni-duisburg.de)
Date: Sat Nov 16 2002 - 20:11:16 CST
Miguel Angel Rodríguez Jódar wrote:
> > using -j DROP as a target, what I want to know is what types
> > of REJECT
> > can be used for UDP packets? Thanks.
> AFAIK, UDP packets are not realiable
This is misleading. UDP (as opposed to TCP) is a connection-less
protocol. That means that UDP itself doesn't check if packets made
their way. But this doesn't make the UDP-packets themselves less
reliable than TCP-packets.
> haven't got things like the RST option in their headers as TCP
> packets have, so dropping it is your only choice.
While it is true that UDP doesn't know such a thing as RST, dropping
them is _not_ the only choice. The equivalent to TCP-RST would be to
send an ICMP-PortUnreachable.