No.
IMO, you don't need to drop invalid connections on your ISP network.
Asymmetric paths across the internet are almost a given. It makes sense
on a customer firewall where you might be blocking a spoofed connection.
On 11/9/2015 3:11 PM, That One Guy /sarcasm wrote:
If I have some asymmetric routes on the network, and there is a drop
invalid state rule in the forward chain, is there any magician trick
to get around disabling this rule? (its considered invalid because
connection tracking is only seeing half the traffic)
fixing the assymetry is the long term solution, just curious about today
--
If you only see yourself as part of the team but you don't see your
team as part of yourself you have already failed as part of the team.
