Dynamic deal with configuration is the best selection. Simply just put in place a DHCP customer on the public interface.The first rule accepts packets from already recognized connections, assuming They're safe not to overload the CPU. The second rule drops any packet that connection tracking identifies as invalid. Following that, we arrange normal