Comment on Am I doing this (networking) safely?
non_burglar@lemmy.world 23 hours agoThis is a waste of time and your router’s CPU. You already have a whitelist and know your safe TCP sources, just drop all wan traffic and only allow new input from whitelist. Your chain input rule is just creating a pretty list of bots you’re dropping anyway.
redlemace@lemmy.world 22 hours ago
Well, here is the CPU load:
Image
And there is no increase on delay’s or jitter compared to what i’m already facing on the WAN itself.
It keep’s 6000+ hosts with possible harmful intend away from the ports I need/want open to the world. Actually, the router -while still being bored- offloads the services behind it. I really can’t see a reason not to keep doing it. But, sure, it’s a personal choice.
non_burglar@lemmy.world 20 hours ago
Didn’t you say you have whitelist of allowed ips? Why don’t you just drop any other inbound traffic?
redlemace@lemmy.world 20 hours ago
Not exactly.
So all IP’s are allowed to begin with, but some (“my” IP’s like at home, my office etc) are on a whitelist ahead of everything else. They can’t become blacklisted to avoid myself becoming locked out. Then it’s the drop all on the blacklisted, followed by portscan detection. Only after that the ‘normal’ rules (allow https, smtp etc) begin.