Deny vs block
Guys, I want to ask: what's the difference between deny and block in firewall rules?
Newbie question.
Block simply discards the packet and returns no response to the source. It will cause a connection timeout on the client.
Reject sends a TCP RST to the source, which will generate a 'connection refused' message and immediately close the connection on the client.
It's generally better to use block rules on the WAN side; it will make scans take longer and removes a couple of DoS opportunities. Reject does make sense in some cases though, especially on the LAN side, where you want a quick failure, for example to block outgoing SMTP that doesn't go through your relay.
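An added example (not from this thread) showing what a client observes behind each action described in the answer: a reject rule (`block return` in pf syntax) answers the SYN with a TCP RST, so `connect()` fails immediately with "connection refused", while a block rule (`block drop` in pf) discards the SYN silently, so `connect()` fails only when the client's own timeout expires, which is the per-port cost that slows scans down. The local fixture in `demo()` is constructed: a released loopback port stands in for the reject case, since nothing on a plain host reproduces a silent drop.

```python
import socket
import time


def probe(host: str, port: int, timeout: float = 2.0) -> str:
    """Classify one TCP connect attempt as 'open', 'refused', 'timeout' or 'error'."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"
    except ConnectionRefusedError:          # RST received: reject rule or closed port
        return "refused"
    except (socket.timeout, TimeoutError):  # no reply at all: block/drop rule
        return "timeout"
    except OSError:                         # e.g. host unreachable
        return "error"
    finally:
        s.close()


def timed_probe(host: str, port: int, timeout: float = 2.0) -> tuple[str, float]:
    """Probe and report elapsed seconds: a 'timeout' result costs the full
    timeout per port, a 'refused' result costs about one round trip."""
    start = time.monotonic()
    result = probe(host, port, timeout)
    return result, time.monotonic() - start


def demo() -> dict:
    """Constructed loopback fixture: one listening port ('open') and one port
    that was bound and released, which the kernel answers with RST ('refused'),
    exactly what a client sees behind a reject rule."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    open_port = listener.getsockname()[1]

    tmp = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    tmp.bind(("127.0.0.1", 0))
    closed_port = tmp.getsockname()[1]
    tmp.close()                             # port is now free -> SYN gets RST

    results = {
        "listening": probe("127.0.0.1", open_port),
        "closed": probe("127.0.0.1", closed_port),
    }
    listener.close()
    return results


if __name__ == "__main__":
    print(demo())
```

Run `timed_probe()` against a port behind a real block rule to see the 'timeout' case and its full-timeout cost.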