I found on my OpenWrt router some default firewall rules.
These rules makes sense and are clear how to realize it on ROS.
Code: Select all
DROP all -- anywhere anywhere state INVALID
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
Code: Select all
ACCEPT gre -- anywhere anywhere
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere reject-with tcp-reset
TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
DROP tcp -- anywhere anywhere tcp option=!2 flags:SYN/SYN