Comment on Am I doing this (networking) safely?
redlemace@lemmy.world 1 day agoWell, here is the CPU load:
And there is no increase on delay’s or jitter compared to what i’m already facing on the WAN itself.
It keep’s 6000+ hosts with possible harmful intend away from the ports I need/want open to the world. Actually, the router -while still being bored- offloads the services behind it. I really can’t see a reason not to keep doing it. But, sure, it’s a personal choice.
non_burglar@lemmy.world 22 hours ago
Didn’t you say you have whitelist of allowed ips? Why don’t you just drop any other inbound traffic?
redlemace@lemmy.world 21 hours ago
Not exactly.
So all IP’s are allowed to begin with, but some (“my” IP’s like at home, my office etc) are on a whitelist ahead of everything else. They can’t become blacklisted to avoid myself becoming locked out. Then it’s the drop all on the blacklisted, followed by portscan detection. Only after that the ‘normal’ rules (allow https, smtp etc) begin.