When I install LnS and activate the SPF-feature, do I need to import the raw rules posted in this forum? Activating the SPF-feature should tighten the security, right?
Hi, When you just enable the SPF-Feature, only the TCP SPF is enabled (and packet not belonging to a valid TCP connections are blocked). The other SPF rules are for connectionless protocols (ARP, ICMP, UDP). With these rules an incoming packet will be accepted only if the PC has sent first a packet, and both packets have to match (a control is made on hearders or contents). A typical case is the ping. By default, standard rulesets accept all incoming ping responses. With the SPF ICMP Echo rule, a ping response is accepted only if the PC has sent first a ping request. Regards, Frederic
