Keep good default rules. Add admin required traffic flow rules. DROP all else in both input and forward chains.
Use interface lists for all subnets, use dst/src address for single subnets, use interface when appropriate aka like wireguard, use firewall address lists if not covered by the three previous methods.
Use interface lists for all subnets, use dst/src address for single subnets, use interface when appropriate aka like wireguard, use firewall address lists if not covered by the three previous methods.
Statistics: Posted by Mesquite — Fri Feb 09, 2024 12:38 am