Dynamic handle configuration is the easiest alternative. Merely build a DHCP shopper on the public interface.The first rule accepts packets from presently founded connections, assuming They may be Risk-free not to overload the CPU. The next rule drops any packet that connection tracking identifies as invalid. After that, we arrange common take rule