Re: iptables firewall

To: debian-user@lists.debian.org
Subject: Re: iptables firewall
From: Sven Hartge <sven@svenhartge.de>
Date: Wed, 30 Jul 2014 17:43:56 +0200
Message-id: <[🔎] casdolq96qv8@mids.svenhartge.de>
References: <[🔎] 20140730081851.70446356@jretrading.com> <[🔎] 20140730153335.GE14982@playground>

Mike McClain <mike.junk@nethere.com> wrote:
> On Wed, Jul 30, 2014 at 08:18:51AM +0100, Joe wrote:

>> And as someone else asked, why are you worried about this 'stealth'?
>> As long as the bad packets don't get in, what does it matter?

> Why is there a DROP instruction in iptables as well as REJECT?

Sometimes you want to DROP packets, if you know what you are doing. For
example in combination with a rate limit. REJECT 3 packets every second,
DROP the rest, to counter any flooding attack but provide normal
operations for normal connection attempts.

Grüße,
Sven.

-- 
Sigmentation fault. Core dumped.

Reply to:

References:
- Re: iptables firewall
  - From: Joe <joe@jretrading.com>
- Re: iptables firewall
  - From: Mike McClain <mike.junk@nethere.com>

Prev by Date: Re: iptables firewall
Next by Date: Re: iptables firewall
Previous by thread: Re: iptables firewall
Next by thread: Re: iptables firewall
Index(es):
- Date
- Thread