By Default, Pinging is fine to both yahoo.com and Google.com
If we turn on the firewall, to Drop icmp to google, and Reject UDP to yahoo.com
then ping google by ip which is rejected by firewall policy
What about TCP
SO, Drop means pretend the port is not open, which is like a implicit denial .
Reject means explicit denial.
No comments:
Post a Comment