In message <20050208194835.GB27486@beverly.kleinbus.org>, Ignatios Souvatzis wr
ites:
>
>--hHWLQfXTYDoKhP50
>Content-Type: text/plain; charset=us-ascii
>Content-Disposition: inline
>Content-Transfer-Encoding: quoted-printable
>
>Hi,
>
>Bryan Phillippe wrote:
>
>> We should probably make an analogous change to tcp4 as well.  As someone
>> else pointed out, some firewalls (including the one I wrote for my
>> employer's network device) can return "administratively prohibited" for
>> blocked services.
>
>"can return"?=20
>
>What, if not this condition, would "administratively prohibited" be used=20
>for?
>

Some firewalls simply silently drop the packets, without returning 
anything.

		--Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb