But usually UDP fragmentation floods use a high volume of bandwidth that is probably going to exhaust the capacity of the community card, that makes this rule optional and probably not by far the most useful just one.netfilter iptables (before long to get replaced by nftables) is a person-Place command line utility to configure kernel packet filter