H
i
My intentions are very simple. Firstly, I would like to
drop all INVALID packets - for INPUT and OUTPUT chains.
That's the reason why I've asked, which rule is better to use.
I would like to create pretty good protection for a typical
computer - without any services etc. For now, it is only
for testing purposes. In the future, this computer will be
using for more ambitious things.
What are my intentions according to antispoof? Hmm... simple -
block spoofing? Of, course I can do it with e.g. rp_filter, right
(I mean /proc/sys/net/ipv4/*/rp_filter settings)?
So, when it comes to these two questions; INVALID and spoofing -
according to you, which solution is best, good? Frankly, you already
answered to question about INVALID packet filtering and
suggested, that the first rule is okay. So what about antispoof?
My knowledge of iptables is not good, but I started to use iptables
a couple of weeks ago. Previously, I've used a OpenBSD firewall
so-called pf.