Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Alexey Vinogradov2018-01-05 00:55:51
Facebook
Alexey Vinogradov, 2018-01-05 00:55:51

Is it right to drop invalid packages in Mikrotik at the very beginning?

Hello everyone, I need advice, I'm setting up a mikrotik firewall like a closed firewall - everything is forbidden, what is not allowed, and the question arose whether it is worth dropping invalid input and forward packets at the very beginning of the rules? Or should the first rule be allowing Establishment and Relayed? In both options, the Internet and access to servers work properly.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
B
ben187, 2018-01-05
@ben187

Drop right away. They are also disabled. Why run them all over the firewall?

Report
L
l0ser140, 2018-01-05
@l0ser140

And invalid packets are still not routed any further because they are suddenly invalid.
Therefore, they can simply be rejected by the firewall immediately.

Report
G
Gansterito, 2018-01-06
@Gansterito

It is better to skip ESTABLISHED and RELATED packets as the first rule, and then drop INVALID.

Similar questions
Z
zapik2016-01-12 21:32:01
How to organize comments on the site from different social networks. networks in one block? 2Reply
M
Mskleps2013-02-26 23:27:05
Hard Ban on Facebook Ad Accounts 1Reply
W
web_dev2013-04-09 20:43:46
Estimate the amount of work (time): authorization using various services (sites) or not too complicated firefox plugin? 2Reply
D
Dr_Gonzo2016-01-30 12:05:48
How to setup fb-autopost module on drupal? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question