Advice Request Should I enable all router firewall rules?

Please provide comments and solutions that are helpful to the author of this topic.


Level 12
Thread author
Top Poster
Nov 8, 2016
Guys, can you help me pls?

My router have this firewall rules:

1) Enable SPI IPv4: Enabling Stateful Packet Inspection (SPI) helps to prevent cyber attacks by validating that the traffic passing through the session conforms to the protocol

2) Enable Anti-spoof Checking: Enable this feature to help protect your network from certain kinds of “spoofing” attacks.

3) IPv6 Simple Security Enable or disable IPv6 simple security.

4) IPv6 Ingress Filtering Enable or disable IPv6 ingress filtering

Should I enable them? Do they actually make a lot of difference?

ForgottenSeer 97327

Questions 1 and 3 yes, you always should enable them (must haves advanced protection)
Without going into details IPv4 with NAT and SPI offers the same level of security as IPv6 Simple Security. When you see these options, you should enable them. These are the options which make your router a firewall.

Questions 2 and 4 yes it is good to enable them (nice to have extra network boundary protection)

Anti-spoof protection in laymans terms it protects the boundary of you network by dropping traffic related to stuff you use behind the firewall on the inside of your home network when it is coming from the outside of your network, there are several spoofs possible, this one explains IP-spoofing very clearly (link)

IPv6 Ingress filtering also protects the boundary of your network for IPv6
Last edited by a moderator:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.