Re: [Fedora] Re: iptables: drop or reject?


 



Neil Cherry wrote:
I'm betting you're responding with a reset or something. Maybe it
would be a good idea to show us your rules (you can make up
the IPs but keep them consistent).

That would not be consistent then. I used to reset in the past, and traffic wasn't anything like it is now that I drop. I'd send a reset, I might get two or three more packets and then it would go silent. Now that I'm dropping packets (and trust me when I say I'm dropping it, I've had others try and I've sniffed it myself, they're being dropped), traffic seems to have gotten worse. It's almost like, because I'm not sending a reset back, which would cause the sender to now have to read that packet and see that it's a reset, now they're just going into oblivion, so there's no more processing on their end, so why not keep sending? At least, that's my thinking. If I send a reset (or port/host unreachable), they have to process that before continuing... now they don't.

   I don't know...it's all a fine line I suppose.

