我的目的是寻求保护,不需要成为服务器,所以我想避免各种 SSDP,我找到了一些代码,需要知道它是否足够或太多:
iptables -I INPUT 1 -p icmp -j DROP
iptables -I INPUT -p icmp --icmp-type 0 -j DROP
iptables -I INPUT -p icmp --icmp-type 8 -j DROP
iptables -I INPUT -p icmp --icmp-type echo-reply -j DROP
iptables -I INPUT -p icmp --icmp-type echo-request -j DROP
iptables -I INPUT -p icmp --icmp-type echo-reply -m state --state NEW,ESTABLISHED,RELATED -j DROP
iptables -I INPUT -p icmp --icmp-type echo-request -m state --state NEW,ESTABLISHED,RELATED -j DROP
iptables -I OUTPUT 1 -p icmp -j DROP
iptables -I OUTPUT -p icmp --icmp-type 0 -j DROP
iptables -I OUTPUT -p icmp --icmp-type 8 -j DROP
iptables -I OUTPUT -p icmp --icmp-type echo-reply -j DROP
iptables -I OUTPUT -p icmp --icmp-type echo-request -j DROP
iptables -I OUTPUT -p icmp --icmp-type echo-reply -m state --state NEW,ESTABLISHED,RELATED -j DROP
iptables -I OUTPUT -p icmp --icmp-type echo-request -m state --state NEW,ESTABLISHED,RELATED -j DROP
我听说过表格 mangle 和 raw,我也应该使用它们吗?