Need Advice Should I enable all router firewall rules?

[Tiamati]

Guys, can you help me pls?

My router have this firewall rules:

1) Enable SPI IPv4: Enabling Stateful Packet Inspection (SPI) helps to prevent cyber attacks by validating that the traffic passing through the session conforms to the protocol

2) Enable Anti-spoof Checking: Enable this feature to help protect your network from certain kinds of “spoofing” attacks.

3) IPv6 Simple Security Enable or disable IPv6 simple security.

4) IPv6 Ingress Filtering Enable or disable IPv6 ingress filtering


Should I enable them? Do they actually make a lot of difference?

 

[Max90]

Questions 1 and 3 yes, you always should enable them (must haves advanced protection)
Without going into details IPv4 with NAT and SPI offers the same level of security as IPv6 Simple Security. When you see these options, you should enable them. These are the options which make your router a firewall.


Questions 2 and 4 yes it is good to enable them (nice to have extra network boundary protection)

Anti-spoof protection in laymans terms it protects the boundary of you network by dropping traffic related to stuff you use behind the firewall on the inside of your home network when it is coming from the outside of your network, there are several spoofs possible, this one explains IP-spoofing very clearly (link)

IPv6 Ingress filtering also protects the boundary of your network for IPv6