Comment 13 for bug 1834974

Revision history for this message
Haw Loeung (hloeung) wrote :

Also, can the rules use something else rather than icmp-host-prohibited? That gives back 'No route to host' which is wrong:

| $ nc -vz 80
| nc: connect to port 80 (tcp) failed: No route to host

This made me waste a bit of time trying to figure out if it's routing somewhere between our network (and my local network) and OCI.

For TCP, perhaps tcp-reset?

For UDP, or the rest, icmp-port-unreachable?