Use DROP instead of REJECT.

REJECT action tells tables to send back an ICMP message indicating that you're REJECTing the packet. DROPing will just DROP with no further action.

--

On Thu, 2002-10-10 at 09:13, Julio Cesar Ody wrote:

Hello. I'm using Slackware 8.1, kernel 2.4.18 and iptables v1.2.7a. I 
blocked external acess to some services using the following rule:

iptables -A INPUT -i ! eth0 -p tcp -m multiport --destination-port 
<port1>,<port2>,<blablabla> -j REJECT

However, when I perform a stealth scan using nmap on my host, I still 
can see them running, but instead of "opened" I get them as "filtered". 
Is there a way to block these results, making the services literally 
invisible ? Appreciate any help, and also any technical information 
(links, docs) regarding the answer.



Julio Cesar Ody