Bug #2452

closed

Reject type rules only allowed for TCP

Added by Charles Orus over 12 years ago. Updated over 12 years ago.

Status: Rejected
Priority: Normal
Assignee: -
Category: Rules / NAT
Target version: -
Start date: 05/24/2012
Due date:
% Done: 0%
Estimated time:
Plus Target Version:
Release Notes:
Affected Version: 2.1
Affected Architecture:

Description

I am sorry if I report intended behaviour. But I don't understand why rules of type reject are only allowed with TCP. I would expect that a reject rule would mean 'reject where possible, else drop it.' For example, with UDP rejections pfSense can send ICMP port/host unreachable for UDP too? And even for ICMP I would expect this -- if I send a ping from a LAN host but it is rejected, why not return 'icmp host unreachable' or 'administratively prohibited'?

Thanks for either fixing or explaining. :)
