iptables -P FORWARD DROP, good or bad?

Is your machine a router? Is it expected to do something with packets that it receives that are not destined for your machine?

You can safely drop packets if you are not expected to forward them, though it's probably a sign of a misconfigured network if you are receiving them.


The FORWARD chain is used to manage packets that are being routed through the machine. If the machine is a router then dropping all packets in the FORWARD chain would be bad. If it's not a router then you can drop packets in the FORWARD chain (if they ever get there).
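Both answers come down to one check: is net.ipv4.ip_forward on? Packets only traverse the FORWARD chain when the kernel routes them, so on a non-router `-P FORWARD DROP` is a harmless backstop and turning forwarding off is the real fix; on a router a DROP policy is the right default only if you then accept the specific flows you route. The script below is an added example, not code from this thread or from any of its posters; the helper names are mine, the interface names eth1 (LAN) and eth0 (WAN) are placeholder assumptions, and the forwarding flag can be passed in explicitly so the logic can be exercised without root.

```shell
#!/bin/sh
# Added example: derive a FORWARD ruleset from the machine's role.
# Assumed placeholders: LAN interface eth1, WAN interface eth0.

# Print 1 if IPv4 forwarding is enabled, else 0.  An explicit $1 overrides
# the sysctl so the function can be exercised on a box that is not a router.
is_forwarding() {
    if [ -n "${1:-}" ]; then
        echo "$1"
    elif [ -r /proc/sys/net/ipv4/ip_forward ]; then
        cat /proc/sys/net/ipv4/ip_forward
    else
        echo 0
    fi
}

# Print an iptables-restore fragment for the filter table.
#   $1 forwarding flag (0 or 1)   $2 LAN interface   $3 WAN interface
# Non-router: policy DROP and no rules, since nothing should reach FORWARD.
# Router: policy DROP, then accept only the flows we intentionally route.
forward_ruleset() {
    fwd=${1:-0}; lan=${2:-eth1}; wan=${3:-eth0}
    echo '*filter'
    echo ':FORWARD DROP [0:0]'
    if [ "$fwd" = 1 ]; then
        echo '-A FORWARD -m conntrack --ctstate INVALID -j DROP'
        echo '-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
        echo "-A FORWARD -i $lan -o $wan -j ACCEPT"
        # Unsolicited WAN->LAN traffic falls through to the DROP policy.
    fi
    echo 'COMMIT'
}

# Report the policy currently installed, or "unknown" when iptables is
# not available (or not runnable as this user).
current_forward_policy() {
    if command -v iptables >/dev/null 2>&1; then
        iptables -S FORWARD 2>/dev/null | awk '/^-P FORWARD/ { print $3; exit }'
    fi | grep . || echo unknown
}

# Usage: sh forward-policy.sh [lan_if] [wan_if]
# Prints the ruleset; apply it with:  sh forward-policy.sh | iptables-restore -n
# On a non-router also persist net.ipv4.ip_forward=0 so FORWARD never sees traffic.
forward_ruleset "$(is_forwarding)" "$@"
```

Generate with the real sysctl on the host and review the output before piping it into `iptables-restore -n` (the `-n` keeps other tables untouched); if `current_forward_policy` already prints DROP on a router, the rules it accepts are what you need to audit, not the policy itself.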