It does exactly what you said, it REJECTS the packet. Reject means that a "reject packet" is send back to the remote host. If you had a deny rule here, the firewall would just drop the packet (thats the difference between deny and reject). NMAP gets the reject packet and assumes that the port is there but closed (hence the "closed" state). 113 is usually set to REJECT instead of DENY because some services tend to take some time to realize that auth over 113 is disabled when they are waiting for the response. Reject tells em that auth is disabled. ciao Tom Pep wrote:
When I scan the TCP ports from the external iface I see that port 113 is not rejected:
22/tcp open ssh 25/tcp open smtp 80/tcp open http 113/tcp closed auth 443/tcp open https
-- this is a maillist account, so please send personal replies to cso[at]trium[dot]de