News: This forum is now permanently frozen.
linktree m0n0wall Forum  >  m0n0wall Support (English)  >  Firewall/NAT
linktree Topic: Blocking Policy
Pages: [1]
Topic: Blocking Policy  (Read 1408 times)
« on: December 14, 2007, 23:03:46 »
f41thr *
Posts: 28
Question about the aproppriate blocking policy.

What is better: return or drop. If I remember correct m0n0wall configuration is blocked. So ports are stealth whilst beeing scanned. For some experimental reason I configured now OpenBSD on my wrap and play a little bit with pf.conf.

Reason for thie experiments. My VPN client still didn't work with m0n0, see my other posting. It works now with my OpenBSD installation.


F41THR
« Reply #1 on: December 20, 2007, 11:44:18 »
apnovi *
Posts: 13
Drop is better as it simply ignores the packet, Im presuming Return is the same as reject meaning a responce is returned to the packet sender meainig they will know of your machines existance.
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines