Dynamic tackle configuration is the easiest selection. Just setup a DHCP shopper on the general public interface.The first rule accepts packets from already set up connections, assuming They're safe to not overload the CPU. The 2nd rule drops any packet that connection tracking identifies as invalid. Following that, we build normal take guidelines