Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Alexey Vinogradov2018-01-05 00:55:51
Facebook
Alexey Vinogradov, 2018-01-05 00:55:51

Is it right to drop invalid packages in Mikrotik at the very beginning?

Hello everyone, I need advice, I'm setting up a mikrotik firewall like a closed firewall - everything is forbidden, what is not allowed, and the question arose whether it is worth dropping invalid input and forward packets at the very beginning of the rules? Or should the first rule be allowing Establishment and Relayed? In both options, the Internet and access to servers work properly.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
B
ben187, 2018-01-05
@ben187

Drop right away. They are also disabled. Why run them all over the firewall?

Report
L
l0ser140, 2018-01-05
@l0ser140

And invalid packets are still not routed any further because they are suddenly invalid.
Therefore, they can simply be rejected by the firewall immediately.

Report
G
Gansterito, 2018-01-06
@Gansterito

It is better to skip ESTABLISHED and RELATED packets as the first rule, and then drop INVALID.

Similar questions
I
Ivan Shevtsov2017-09-23 17:41:24
How to get date of birth or age via FB API? 2Reply
E
Eugene2020-02-18 17:43:35
Banned commercial Facebook account. How not to be bugged further? 1Reply
W
w_b_x2017-10-13 12:41:03
How to get a list of outgoing friend requests from a user? 1Reply
V
Vasya Nikolaev2017-10-29 13:50:48
Why is my Facebook account blocked shortly after registration? 1Reply
K
KirbySattler2020-03-13 17:23:27
How to fix this error in facebook widget? 0Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question