makes sense, thank you On Mon, Nov 9, 2015 at 2:30 PM, Adam Moffett <dmmoff...@gmail.com> wrote:
> No. > > IMO, you don't need to drop invalid connections on your ISP network. > Asymmetric paths across the internet are almost a given. It makes sense on > a customer firewall where you might be blocking a spoofed connection. > > > On 11/9/2015 3:11 PM, That One Guy /sarcasm wrote: > > If I have some asymmetric routes on the network, and there is a drop > invalid state rule in the forward chain, is there any magician trick to get > around disabling this rule? (its considered invalid because connection > tracking is only seeing half the traffic) > > fixing the assymetry is the long term solution, just curious about today > > -- > If you only see yourself as part of the team but you don't see your team > as part of yourself you have already failed as part of the team. > > > -- If you only see yourself as part of the team but you don't see your team as part of yourself you have already failed as part of the team.