General discussion

Locked

IPTables

By ppuru ·
I need to optimize my IPTable filtering rules.

Please suggest whether the rule

iptables -t nat -A PREROUTING -i eth0 -s 172.16.0.0/12 -j DROP

will deal with spoofed packets better than

iptables -t filter -A INPUT -i eth0 -s 172.16.0.0/12-j DROP

Also, are these rules necessary when I have already enabled rp_filter at kernel level?

TIA

Prakash

This conversation is currently closed to new comments.

0 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Back to Security Forum
0 total posts (Page 1 of 1)  

Related Discussions

Related Forums