Hi David; Thank you and sorry, because I forgot to mention, that I talked about IP address spoofing protection. Sorry again. So, it seems, that I'm in the right direction if it's about filtering; INVALID and spoofing. For now, I will be using;
> iptables -A INPUT -m conntrack --ctstate INVALID -j DROP ...rule for INVALID packets and this one for antispoof protection; > iptables -A INPUT -s 10.0.0.0/8 -j DROP etc. Thank you for that link. It is a really interesting website. iptables is becoming more and more interesting, but pf firewall has a much simpler syntax, but there is UFW; it seems to be a good project. Thank you again, David. My doubts on iptables have been solved. Best regards.
