Updated REJECT documentation

author Rusty Russell <rusty@linuxcare.com.au>

Sun, 30 Jul 2000 01:10:04 +0000 (01:10 +0000)

committer Rusty Russell <rusty@rustcorp.com.au>

Sun, 30 Jul 2000 01:10:04 +0000 (01:10 +0000)
author Rusty Russell <rusty@linuxcare.com.au>
Sun, 30 Jul 2000 01:10:04 +0000 (01:10 +0000)
committer Rusty Russell <rusty@rustcorp.com.au>
Sun, 30 Jul 2000 01:10:04 +0000 (01:10 +0000)
diff --git a/iptables.8 b/iptables.8

index 2fab58ba0f490e0d0fc1667abe066aab84fee31e..3e899afbd398622abd7346363ba8f1f24e6b353c 100644 (file)
--- a/iptables.8
+++ b/iptables.8
@@ -530,13 +530,20 @@ returned:
  The type given can be 
  .BR icmp-net-unreachable ,
  .BR icmp-host-unreachable ,
-.BR icmp-port-unreachable or
-.BR icmp-proto-unreachable
+.BR icmp-port-unreachable ,
+.BR icmp-proto-unreachable ,
+.BR icmp-net-prohibited or
+.BR icmp-host-prohibited ,
  which return the appropriate ICMP error message (port-unreachable is
  the default).  The option 
  .B echo-reply
  is also allowed; it can only be used for rules which specify an ICMP
-ping packet, and generates a ping reply.
+ping packet, and generates a ping reply.  Finally, the option
+.B tcp-reset
+can be used on rules in (or called from) the 
+.B INPUT
+chain which only match the TCP protocol: this causes a TCP RST packet
+to be sent back.
  .SS TOS
  This is used to set the 8-bit Type of Service field in the IP header.
  It is only valid in the
author	Rusty Russell <rusty@linuxcare.com.au>
	Sun, 30 Jul 2000 01:10:04 +0000 (01:10 +0000)
committer	Rusty Russell <rusty@rustcorp.com.au>
	Sun, 30 Jul 2000 01:10:04 +0000 (01:10 +0000)