On 03-Sep-99 Marcin Owsiany wrote: > > Isn't it the other way round? > I can remember that "DENY" means "drop packet on the floor", while > "REJECT" > means to send back an ICMP packet saying: "connection refused" > And when someone wants to connect to a port, on which nothing is > listenning, > he/she will get an ICMP reply "connection refused" - for example if you > point your browser at a host without httpd running, you will get > "connection > refused". But if there is a rule saying to DENY packets from you, you > will > have to wait for a timeout. > > correct me if i'm wrong
I believe this is exactly what George was saying. -- Andrew
