On 11/06/2013 01:26 PM, mick wrote: > I disagree. Dropping all traffic other than that which is > explicitly required is IMHO a better practice. (And how do you know > in advance which ports get attacked?)
Using reject instead of drop simplifies troubleshooting. http://www.chiark.greenend.org.uk/~peterb/network/drop-vs-reject Drop tends to get in the way. Regards, /Lars _______________________________________________ tor-relays mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
