Hi David;
Thank you and sorry, because I forgot to mention, that I talked
about IP address spoofing protection. Sorry again. So, it seems,
that I'm in the right direction if it's about filtering; INVALID and
spoofing. For now, I will be using;
> iptables -A INPUT -m conntrack --ctstate INVALID -j DROP
...rule for INVALID packets and this one for antispoof protection;
> iptables -A INPUT -s 10.0.0.0/8 -j DROP etc.
Thank you for that link. It is a really interesting website. iptables
is becoming more and more interesting, but pf firewall has a much
simpler syntax, but there is UFW; it seems to be a good project.
Thank you again, David. My doubts on iptables have been solved.
Best regards.