[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: iptables and INVALID packet filtering.

Hi David;

Thank you and sorry, because I forgot to mention, that I talked
about IP address spoofing protection. Sorry again. So, it seems,
that I'm in the right direction if it's about filtering; INVALID and
spoofing. For now, I will be using;

> iptables -A INPUT -m conntrack --ctstate INVALID -j DROP

...rule for INVALID packets and this one for antispoof protection;

> iptables -A INPUT -s -j DROP etc.

Thank you for that link. It is a really interesting website. iptables
is becoming more and more interesting, but pf firewall has a much
simpler syntax, but there is UFW; it seems to be a good project.

Thank you again, David. My doubts on iptables have been solved.

Best regards.

Reply to: