The react Keyword

You can use the react keyword to send a default HTML page to the TCP connection client when a packet triggers the rule; after sending the HTML page, the system uses TCP reset packets to initiate active responses to both ends of the connection. The react keyword does not trigger active responses for UDP traffic.

Optionally, you can specify the following argument:

msg

When a packet triggers a react rule that uses the msg argument, the HTML page includes the rule event message.

If you do not specify the msg argument, the HTML page includes the following message:


You are attempting to access a forbidden site. Consult your system administrator for details.

Note	Because active responses can be routed back, ensure that the HTML response page does not trigger a `react` rule; this could result in an unending sequence of active responses. Cisco recommends that you test `react` rules extensively before activating them in a production environment.