• Thomas@lemmy.douwes.co.uk
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    1
    ·
    edit-2
    1 year ago

    Who needs all this crazy firewall stuff when I have my

    iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
    iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    iptables -A INPUT -i ppp0 -j DROP
    

    And for IPv6 you don’t need a firewall, just use slaac and hope no one finds the address /s