1This is used to send back an error packet in response to the matched 2packet: otherwise it is equivalent to 3.B DROP 4so it is a terminating TARGET, ending rule traversal. 5This target is only valid in the 6.BR INPUT , 7.B FORWARD 8and 9.B OUTPUT 10chains, and user-defined chains which are only called from those 11chains. The following option controls the nature of the error packet 12returned: 13.TP 14\fB\-\-reject\-with\fP \fItype\fP 15The type given can be 16\fBicmp6\-no\-route\fP, 17\fBno\-route\fP, 18\fBicmp6\-adm\-prohibited\fP, 19\fBadm\-prohibited\fP, 20\fBicmp6\-addr\-unreachable\fP, 21\fBaddr\-unreach\fP, 22\fBicmp6\-port\-unreachable\fP or 23\fBport\-unreach\fP 24which return the appropriate ICMPv6 error message (\fBport\-unreach\fP is 25the default). Finally, the option 26\fBtcp\-reset\fP 27can be used on rules which only match the TCP protocol: this causes a 28TCP RST packet to be sent back. This is mainly useful for blocking 29.I ident 30(113/tcp) probes which frequently occur when sending mail to broken mail 31hosts (which won't accept your mail otherwise). 32\fBtcp\-reset\fP 33can only be used with kernel versions 2.6.14 or later. 34