Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 6f489c42 authored by JP Abgrall's avatar JP Abgrall Committed by Arve Hjønnevåg
Browse files

netfilter: have ip*t REJECT set the sock err when an icmp is to be sent 



Allow the REJECT --reject-with icmp*blabla to also set the matching error
locally on the socket affected by the reject.
This allows the process to see an error almost as if it received it
via ICMP.
It avoids the local process who's ingress packet is rejected to have to
wait for a pseudo-eternity until some timeout kicks in.

Ideally, this should be enabled with a new iptables flag similar to
   --reject-with-sock-err
For now it is enabled with CONFIG_IP*_NF_TARGET_REJECT_SKERR option.

Change-Id: I649a4fd5940029ec0b3233e5abb205da6984891e
Signed-off-by: default avatarJP Abgrall <jpa@google.com>
parent 22aca520
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment