IPFW and sysctl variables questions
I'm wanting to write a simple firewall for my bastion host(mail server). In Linux you can enable source address verification as a sysctl variable. This defeats some spoofing attacks. Does "source address verification" have to be done in IPFW or is there a sysctl variable for for this? Also which icmp messages would you recommend dropping?(for the moment i don't have time to set up snort, so i want as little traffic as possible getting through)
How would you recommend dealing with fragmented packets, bearing in mind that the only other firewall in front of this mail server is my border router(Internet gateway)?
Thanks for any advice