General discussion



By ppuru ·
I need to optimize my IPTable filtering rules.

Please suggest whether the rule

iptables -t nat -A PREROUTING -i eth0 -s -j DROP

will deal with spoofed packets better than

iptables -t filter -A INPUT -i eth0 -s DROP

Also, are these rules necessary when I have already enabled rp_filter at kernel level?



This conversation is currently closed to new comments.

0 total posts (Page 1 of 1)  
Thread display: Collapse - | Expand +

All Comments

Back to Security Forum
0 total posts (Page 1 of 1)  

Related Discussions

Related Forums