REJECT patch
Jozsef Kadlecsik
kadlec@blackhole.kfki.hu
Thu, 9 Mar 2000 11:11:07 +0100 (CET)
This message is in MIME format. The first part should be readable text,
while the remaining parts are likely unreadable without MIME-aware tools.
Send mail to mime@docserver.cac.washington.edu for more info.
--110391808-2042659971-952593231=:9670
Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
Content-ID: <Pine.LNX.4.10.10003091015022.9670@blackhole.kfki.hu>
Hello,
This is the newest revision of the REJECT patch. It adds the possibility
to send back customized reject packets: ICMP net/host/port/proto
unreachable, faked TCP RST for TCP and faked ICMP echo reply for ICMP echo
request. There is a restriction: rejecting with TCP RST can be used
in INPUT and FORWARD rules only.
For the internals: why I don't use icmp_send, when the patch would be
much more simpler and nicer?
All routines call ip_send finally, which means the generated packets are
seen by the POSTROUTING hooks only. If icmp_send were used,
the generated packets would be seen by the OUTPUT rules too. By avoiding
icmp_send, there is no need to setup special rules just to let out the
reject packets.
Regards,
Jozsef
-
E-mail : kadlec@blackhole.kfki.hu, kadlec@sunserv.kfki.hu
WWW-Home: http://www.kfki.hu/~kadlec
Address : KFKI Research Institute for Particle and Nuclear Physics
H-1525 Budapest 114, POB. 49, Hungary
--110391808-2042659971-952593231=:9670
Content-Type: APPLICATION/OCTET-STREAM; NAME="netfilter-0.90.4.patch.bz2"
Content-Transfer-Encoding: BASE64
Content-ID: <Pine.LNX.4.10.10003091013510.9670@blackhole.kfki.hu>
Content-Description: netfilter-0.90.4.patch.bz2
Content-Disposition: ATTACHMENT; FILENAME="netfilter-0.90.4.patch.bz2"
QlpoOTFBWSZTWYDioGoAFCd/gFAwIAR/////////7v////9gGpwC2+h2qWmd
ZZYyY5hhY3XddGsOrfennHLe3IBr16aHqLrZgaokAoAoARtpQApS2NAEJQgg
I000DRpDRMyCQaaaG9UzU2JlNqNqeoAeiaAJQmjRNBMkjFNHqep+pPU09QyA
PUADTQaBkABkBw0NGTRo0aaGRkMIAyAGQaaAABkDIAk0kkEyE9QJgUMniQyA
ep6gAAGRoAABoNqSJtCj1NNA0AGgAAAGQyAaAGgAAJEQgEAEaCZNEYKbRqTx
GJD9QQ0aabU0yNGTJpugTCMkVioAwA6SzKC2lILBFyntsoaGoixRtJrELUUO
/gZMGtIoOrIFYscapBECLIn/Lf/UhNsWFiyRWlAohDwWokDwgatmJaUqjGU1
CIlqqqrQok+L4H9VFw2A26oWyRYJjRARRisjEWTkyUSAiRQMaiyREiPEsJRU
YojCYlYYwDZDSaiLJNUGBRUVSYOVab2d+uZ8xHTgKskXaZ+RB7NT6aG8LK3u
VZlzlJNIu+6jUGNzjokfv3KTMDeKoutRVwJnVv0Jv2uUktd5pNtb0BQgiFEU
rs7HCZKML0RBLWQg00PlP3n8yRfvrC2jYw1dcA7qos6HWzrKIMVk03WYJtkt
lxblLmXA7RKajKAU1cty2FYl2vat2uxroaxmHwwpTcagq22Qomb7pFB4xZwy
GyKLIV/e3imZwzZmfbaON8lzgCSrViSpQ90Mr9xSBGxz3slByc+6nZX++LDp
Fy864d+8m+c2hs94WQq0XY0ly8q9rx/4rBNmNNpoY9QipSpCdRILpXSaXxjJ
nhmzZJL3E+4sxhfw14J66ARE2IRcXDFRPXTgnYQkuKBceoYu8JhNYecMB4PM
MmvEQno4SkIMDzUs5L76ApMARVByChdSiMUD42WwB9ybRVPw/1kN09XZ2x7V
4FjrNjEFwU0FOmop0XmizA7Yhd4ziMDCgKA7LNMYhsbiKIqG5sZ9EpOJxGf4
533BLks46/rvFPDZAoaHTfItmkVg732iDxoEtmqmmtyfPnJvZ/EYp28t4r0S
ilWYELZlqIGoT9R8T4/HrK8sPmF7y+HEvn2ZDGiqiWfYdQl6AKqqFxokUxEI
C4umZpurwPMdeuc4XshUFxe9yXkTeRE1D965mlVMiCpoznA1CepSB785biJP
ChBB2lMhlyezeIh0kZzSR4rszeCWFRUSTzpFdHqXWt2hCoW8DDJ3cIrPFTgF
xcdJhdpiyO4aLipKl/N+mKA2oqfWZ+0x/cdKhhn6Q8WpPZkvn+cjTKOGKjPQ
4/D6n9VuFqt6+SqVWkI9L8Fe65+GCKimHMrG0uFkrnGWaYcO49mJtH3RLCVi
BKyOlZJVVkfecew5G9zWqZWgs46y4X7YsDm4Wrh426Zaw/yaV6YMoIMSwj4u
lBdHJluxJY+PrEg3mEHz/BZh1A0AyMPCZnuIFhOGCB1bX9dZpEimCKUu5YwF
e+teFQWuNs7WrYvrZyaThwPqONllwtrLk/yfYSpbVyA5NJejJb9dGdljeU8C
eM5jzGZ69c7lie2hQ4LVp2+N/V2UDbpVcDJcOWDbbe/N3Pa3nqOmNteuNI4i
UB0UlU1Jo0rSkk242WZnF8zrovGZpS7XGBb812s6F9Akuxkdfc19IqUL3lt1
ZRiTONzPE+VlcgoBdP68vv24TjdJO3Xbqpn2jRmPfqFKJXqJPcvMZliKJGLn
Ht7SmvI8bqXNBQozaUWx3Ez3UOapLYNrNU0Yl9XaSOV4+OC9epdAgah0h4/J
Dfeb65sTYU1pTfecS122mrjWGgz1jpAWDJoeqylIuUbRiHWEdzSqBIoRUesM
aRXA+1CXsj6fH5fb8O2hCZiowCoxxOczzWd58WbwubcFefHjoLfFTE9lBBgK
cuo7zz1w+grIsUFlYKiqg7eKv+57U5mjptgOuh0cvYYzBLhilzB+b43WI4F8
ph6Bh3GTa3j/rlcfZnEnoNCTEPO8LU/g1taEf73uPcQvBrzWVe3HbJoM+Iy9
cCEtbsxbC8jU0ZeiST1U5l99S4ZgvYQsRmpnsRAXlChjdCaGNTBB+xpkcwwq
ChTAoUnjTnSGTor2ZLU+Oc/kcq61B3od0890D5LS2we2O7BNjtv9Jf7dvsm9
nHCX6JHyyyw7NiWyWmTMbRyafJuroF1Qhvbiu9e7toMwoOoNRjRvObjp+tu6
7NUM0n7cCODW6/mFKghh4gqj3mSN94uwnMRkG5HdwY3imWTqLHhfTjcPXqeP
Ua4e6k+2Y38feYnaJfMgD7wQxgosiikFEZEYCIqCgHBUhA8HQ1mzIHsTnMYV
SBWpPwwAkiwIyegGFIBZPilITyshoPEeuhliToKamYEEziWiqCgpXBcOXKEt
vrDv9onNNHzaeVZ4a8qe5hz8PDhgbHKS1B9ashG6XRxHWUwmnDttick79oqh
VCS1JTXsdkgQcSW9+8PHwGGIZ7zKmeLyOFcA5LBrrF5fwMDem2P6ndrPMjx/
OEIYMIoNawBr+QzsIdk4MvQO7KHeDVkNtbSJUyGgWA0A2A0MYsWkjgfh3wd7
uyCxRg9YcvtzGGsdeEfUKeu7pTtsSkouHLJK8lyQpBIANj2DoG78UBRXirED
+9Ht42FisPu+XbLx6TbbA91UtBag43JbAKhVjoOAaqe9IA+cEe8XZCCGhpib
TG2l+Sb92QdWX/0AjSJ1yOJ6FkjfhU4GieHeceKqvAGjv4Ta6vDl97yCh+cT
J6/VQho3gM8T+37c6esAqAYC/0LCZUbbG1JcwiRZE74t3uCKuCiq4ineHMnU
UYwMWCl7U+0woJkYSMnFUqXtalejeZer6R3ccMH6QFUBc76ajHv24Clyplji
olSiM2siZdeMpDzHeWmbEinGTSy7PNx8DAJTlqAUMJpzb+ezHLLqDq5zuDke
MnKUus6lUe1j229BWXq/Fzc79vxQSrkD5vSPuFhhiOVQhhVY5cOxoeHGD0am
67FoiSWUTMFSxTEm4uDUoaiXecR8pY42kpOPFLTEVnFLHefXWq1GtziMlLA5
TeDdNo+B9JWTLhH6CeGqmfCTqzrR/3psGXtdzQ+jHBI+aAjIXKahS0QYZMGq
mBLvFsJwHSMkfAw+wFuK12wzJA0nrbq4/CCT2K7kkhSaFkSRTtYoAdyiSwpR
CB2+1hIZFVHGIzUkV1Ty+h65ezac8coj7JYK5EsiNRkiv2Y9xewiYkfDoInf
QgT+XFgbwX+LQxzVEQuiKECIhmZFASYIl3xSWCVSBJkxQmvddCvwTyHbdtt4
k8CCZgJeJZmCJ/kITpjBexCuV8AZ8Rv+cI6igYahi+IuUpr9uFESGK2LYLAK
dYzNVgqsDmbKC1CYEWDkMypioRBlQ6qAMjIvE2kGmkJZDuk7hrdJ/BY7RIxG
LEQWG3bDaZosocMPUgdooooiOpSlg+Oh35y47tw8hCg0MU2i8mduh03x0ALw
1YW3pwYq6/ercQIySCvwwk0qTYzERCnMDhyRyVXm0xlY6VC0FRyDkBkqeaIP
HgJw/44yEkqXUNmUXoDPqFWAWmoajswM+aKFwdEsFYUywhUEdjWuU2tS7TiJ
OoaxfGIhaPS35G7xnnGp6vf8wHo8MnWRm9O8RDCE7h3zsIZEEQRIxB7Apcjx
MdljceKyI7pWYCrpjTzwNjvEmNQGAQFSSuIddFlnzkResrsIa4fNGbTQV1DC
SVDT7M9I3lAsu4erYtSCZqzGsZUUUIQ1S0KyuBrdw7GmxsZe3fsVZLKwlaSC
FhiUqEpUnLSBjVYavV2JKvDcaCwOTxqZWzVIALGMKtEUCQoE31loczJEzMzL
wWoRWq/oG0SzXPS9pIxyGucvNTrNLnqNEDJNoGvgez6GhVR8PmqzVY+lnoPr
wX5w+hh9ax5Hf8hzhEobQxNUBQyowA8s5jNuYzunChQmPFuXrYRchuoSMgQU
vjBvYJUUA+0aDbi1CV1TVKSL+wXUfhPpM0xYE4pslOLCcDJNvJ4OVZAyCjga
as4VGyqrhBjVCUFB4B+WXM/qVP2g0sVooDALjQYkKVRwE+oud4od8VBJmIa6
OYqMCkxU1A/xkJL5WJ3DSgBTcnbYAZI/Zs+5xF5ZIDhebjNNsYNsbMRE6goi
COpUA0OoXwDrWxlmFoWqyXcFec8ymnqexKCgVZQE8ZFFQ0oFQYmUTR/HaF4j
iMKJ1SSg28wNUrYGgj16KOI6qTIQRNxioUah+OVULsuMUdZ8hugxPBAjYwRc
ZsPzUF5CEP6gJ+sV1i9EkJd4FyvUEJH2ZVyI8SVrLQloB3HKlk8msIiP3auB
VeqyICWg7JzhzMh6MOR0FLuvQ25EOp4KgKKioQNa1YYCoEjEkrXmCT35LL/K
jgJCQ6p5LOwgJoNikOUnaALAgsgLASQnWOF6wxg3oWpjZ6USy95KmqWjQlQr
LpwuZQwlbESmadGwMh3TqVeNyQG0GTBHfnQ3r4MEagRwGGARuRq5A9bZJ/QG
pc3KBu0XdEqg42QXQ+gNsOLNaqbBtDzoBjEmJf0tjrC8zGogZQ4J8jt7QjwP
jXnB1ryu1LDaSY5eYdp2zfI5F1h0PbKNtgvZ6uGANSruegdaZYcyyyxOhUpn
CBJaqLdiRq06DKWlKzojmMxTWk0jcMM1KVkW2xqZQrT2xFhEGExMFUDbRULw
DMQwKK6D2F6I4LmvuY8cADWf1QjIYkFGX57NrIXjF5vBWZFaW1Rj27rqiNlg
gDGrQfBpAuOZectp5BlBy1JBGpwhG2/1tJsaYB+cvMET+PocQRnvOvj5QHpM
+oEXHISM0YHymRkPnoVkAYNJDB81Tjjcbg1jGFVkxljGMDCuD48aU7Bq+6yo
29Z2wN0Eo9hvBOVbLVZLJDiZlgUUBEo8KiRSyC/8UBlspwLSe0Ee7YqNAHCH
ArPKHpXNCfk25SaA2iIRGGFhxA3wguCh6BQFkQq0pWQuQH6EkX/yoBB0fdfe
kFDLWHpLhe5MZZHsCV+CUlsRzFGTYFA9jVihBVJfrguuKCNdJEsztMCissV5
lwPWXSBgoxyKs0lCwaCswirGMihBSIMARidZGWKKAo6kjqAjEag+WqSVEUGC
G2Yi3hAB6eVT1FoISYH2Js2o5sV6Dlco8oOrpgX0yZiKh+DXRZJptfECoeIJ
oXPSJ+UPUjwvDYHkv1SGfNQLvQ/PB217XSlZ22FVUQuQlrY2YGnVT0hkADuX
uCArFuIjiJa0jySoHA7oARzWiV3m0D/bYJeufn9BibAR0ChIGYXiLNsbaWo3
0S+2Ze/0XefSrlh2vqYhj+mILyo0iBnFKJvjHiafIwIBDSsdpvLjI0UNQEMT
k7jmrUKkSWCTQJRKidDDBiYCUtRJul3S0hxl/NNsbbFKEmNYwec1cjhYTAZ0
HzfzC3qI9xVJFOB7GubLDBEoSWwjwLMh9bFDPYAyBPzjIEkpBQtw0gLFSFuE
Iw2GJmQrBgpiIUX0RNiClUbV7PODCiaOQhqSBJsRmrzDkcBmh5ZkroOhvLQM
r2FQkudZySn6bg6cRU40HCXuSkLbo2NSt8G1G4vCLJUN4rwEMLALHkxtF2yS
UliWG0MuwJUm8cI6mQMWa1um7i7i2sVq9mRWqKolLExckM17AQFTTVVF4XlB
tLNDEeei7KQm0Urfcy4bOaGPxwPNdxsqMZEg9l4ExgwU4F3kM829FSysAmWE
XNMJIUMAYw7mKRGRvEriioev8HYbhjQj9OgB5kazPBCTGIZItcoZJ8WWDxMF
8C4uQt1xsYgJEtgIhCK1aloQxgF5CUDV18pFdwjzIGxeT+EEBzKSo5zDKNlG
RcyAk1dyPFUS714rQ1gjeeTLrj3iDgGCWgQjMaqU1Iy7INRRhWqoQmJLxqIP
tW0MRFuZ/B4BsGho4pfR6BKmQYbUNjYNBsnkUWmAFx6KBsKsUmtAURQuZxCh
1keRoIzMH0L8/U+wa7C8R9bRxWkHTUdDbeuyF3bFBcWICW4IAhq0pQDAVGRg
mHc65PdDzIHqLQsyT3vn3pHzhDh79Dkc0ERZGIiEgxEjFiqonNULC1saKx3b
Hu8T3te5hSpkrAwkwSGLh5/a8jBRVRA4aZ8FLbdl7G/RdAISIyCQ+vakPJAJ
pC2AwDf0uPOoqFkWDchtHjDyhksLEYwEUzfg6mCZb5wQzAhQCo1DAkERwhJE
lHCKB5IjwzIVxxMRXA6ZEFqLRCvA1FLW3zsFsgONPRPQ+FklKMiKKpSJOvw0
8PHyDcV36w3x3NH0jynJkMIaCNBAbsxHPsQvyuZGHJCIKkceoxDZkus8gWSD
0+fcFhG40BbU2NcO/l0OgUOIvvLtpkdFMBLHJCqmXYC0GpAqb0osaLmJCMQc
MUPh3VP5D9u2BtMLNXIavkibj0yc6BSSx405ZQW6mUyVLmRM5CqmVboMISkA
hhk4sWaqUc3/vKIt0N5u3cnId2wJ4svPUGgFjePOmaqUHdzGJjYk2PpGY64l
zXyNXcMhKKkAjUcEUXybvKUeXgoKM2pig4mwa7EwbBpMkoNLvUJnwWUqrKmH
Pmc1z32489ZCXw228CnMKDBck6lRSQQqNFWayzW0bG0voKdzmZh3TZ7BisQy
lGDL9W0EQwTUjck3p0oFENMctQNGPnXrAOyxZb8P+3XVhfSIOBHKhCdDerk1
dJMzUrfUI+wZu4EX3QiOIBiuMgLCbO64HgNSobTV0ZYa4FEsSAUS0GFyqYFC
rixVq76XKbsmF0uxaTbpSbFSrHQwuvrdUxGpfZ2VMEFAG0YClKG7LW9UbVw6
uW8mHmslYDuJzNpw1E2GpEIBaRVJg6ExpgEjMZCAoTJoBYVGKiURWUaJKRbU
zgQI13QNegstupUFULmrg2kzJByGrAGxfevX5jwsIwuDRLztc0Pc17wR1e3h
CSC+4vu5pdSA2m/ugKtB1HHbVwNSpoUoTTAPrHlKsNO0LvhOx0dcndE8ZRgq
rUbSUqZlwZDLDAlSdZrISqbj2hu8y9JimQKGa1oFwhIpelN0EIgGI2EXHywk
i09cYjIamA98ODtp7dQrI3HD1h0NOtCEdQCxW37SnvEufxRBAe1cjqayCEup
MG0D55r8Yz0bQgYMW/dBANmWBmbxIqLmd5RcFtiAGIWtLsPnYUR2EKngceY4
oZ16DKlAoG43Qe1sY5NA+21UjuHmcFyNDrrOxPqqq1IeRzheCWaQuRnuiO9c
mVdNkcWrDOplykI3MSzAWJfgcwS5agQxjQNN8xsT/YNpi83zeuYi240klIVt
9omAX6Z/8XckU4UJCA4qBqA=
--110391808-2042659971-952593231=:9670
Content-Type: TEXT/PLAIN; CHARSET=US-ASCII; NAME="kernel.patch"
Content-Transfer-Encoding: BASE64
Content-ID: <Pine.LNX.4.10.10003091013511.9670@blackhole.kfki.hu>
Content-Description: kernel.patch
Content-Disposition: ATTACHMENT; FILENAME="kernel.patch"
KioqIG5ldC9uZXRzeW1zLmMub3JpZwlUdWUgRmViIDIyIDAyOjM1OjA2IDIw
MDANCi0tLSBuZXQvbmV0c3ltcy5jCU1vbiBGZWIgMjggMTQ6MzM6MzQgMjAw
MA0KKioqKioqKioqKioqKioqDQoqKiogNTg2LDU5MSAqKioqDQotLS0gNTg2
LDU5MyAtLS0tDQogIEVYUE9SVF9TWU1CT0wobmZfdW5yZWdpc3Rlcl9pbnRl
cmVzdCk7DQogIEVYUE9SVF9TWU1CT0wobmZfaG9va19zbG93KTsNCiAgRVhQ
T1JUX1NZTUJPTChuZl9ob29rcyk7DQorIEVYUE9SVF9TWU1CT0woaXBfb3B0
aW9uc19idWlsZCk7DQorIEVYUE9SVF9TWU1CT0woaXBfb3B0aW9uc19lY2hv
KTsNCiAgI2VuZGlmDQogIA0KICBFWFBPUlRfU1lNQk9MKHJlZ2lzdGVyX2dp
ZmNvbmYpOw0K
--110391808-2042659971-952593231=:9670--