Hi. I want my (firewalled)-gw responds to an ident (113 port) request with a RST packet, thus simulating the service is closed. I'm using Ipchains with kernel 2.2.17. Is there any way of doing that? Notes: - DENY simply blocks ident service. Nmap will detect the port as "blocked" (after timeout), since no packet is returned in response to SYN attempt. - REJECT works similarly to Deny, except that it will send an ICMP error message. But no tcp packet is sent in response to SYN query. The port will be detected as "blocked". The behaviour I want is NOT one of the above. What I want is a RST to be sent, so services using ident (like ftp or sendmail) doesn't have to wait for tcp request timeout. =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= ** RoMaN SoFt / LLFB ** roman@madrid.com http://pagina.de/romansoft ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~