Hi people, I know that fragmented packets arriving to a firewall it's a security hole, because there are a lot of attacks using this characteristic. I'm using Linux + Iptables in my firewall and I don't want packet fragmentation coming to my firewall and to the LAN, so I ask you: Where do I have to discard the packet fragmentation in my firewall, using a specific iptables rule or in the kernel settings (maybe at /proc/sys/net/ipv4) ??? Can you tell me this ??? Thanks a lot, Alejandro
