On Sunday 13 February 2005 15:03, Jose Maria Lopez Hernandez wrote: > El dom, 13-02-2005 a las 09:28 +0300, Mikhail Zotov escribiÃ: [snip] > > Can the following rules do any harm? > > > > iptables -A FORWARD -i $EXTERIOR_INTERFACE -d $LAN.BROADCAST -j DROP > > If you are don't want to receive traffic your broadcast it's OK. > > > iptables -A FORWARD -i $EXTERIOR_INTERFACE -d ! $LAN.IP.ADDRESSES.RANGE -j DROP > > And this it's another anti-spoofing rule. I'll tell you the same that > for the previous rule. It's OK if the $LAN.IP.ADDRESSES.RANGE it's OK. Thank you very much for the answer. I'm really glad the rules don't break any network things I am not aware about yet. :-) Regards, Mikhail
