Deny vs block
iamthed:
Guys, I want to ask: what's the difference between deny and block in firewall rules?
ktims:
Block simply discards the packet and returns no response to the source. It will cause a connection timeout on the client.
Reject sends a TCP RST to the source, which will generate a 'connection refused' message and immediately close the connection on the client.
It's generally better to use block rules on the WAN side; it will make scans take longer and removes a couple of DoS opportunities. Reject does make sense in some cases though, especially on the LAN side, where you want a quick failure, for example to block outgoing SMTP that doesn't go through your relay.
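As an added example (not from the post above), here is a pf.conf fragment that expresses that advice: silent drop on the WAN side, a TCP RST for outgoing SMTP on the LAN side that bypasses the relay. The interface names (em0 = WAN, em1 = LAN) and the relay address 192.0.2.25 are placeholders I assumed.

```pf
# Assumed placeholders: em0 is the WAN interface, em1 the LAN interface,
# 192.0.2.25 the mail relay clients are supposed to use.
wan_if = "em0"
lan_if = "em1"
mail_relay = "192.0.2.25"

# LAN: SMTP to the relay is allowed; any other outgoing SMTP gets a TCP RST
# ("block return"), so the client sees "connection refused" immediately.
# "quick" stops evaluation at the first match; without it pf uses the last
# matching rule, and the catch-all pass below would override the reject.
pass in log quick on $lan_if proto tcp from $lan_if:network to $mail_relay port 25
block return in log quick on $lan_if proto tcp from $lan_if:network to any port 25

# Remaining LAN traffic may leave.
pass in on $lan_if all

# WAN: "block drop" discards silently, so unsolicited connections time out
# instead of being answered with a RST.
block drop in log on $wan_if all
```

Load and check it with `pfctl -nf /etc/pf.conf` (syntax check only) before `pfctl -f /etc/pf.conf`; `pfctl -sr` shows the rules as parsed.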