Dynamic address configuration is the best choice. Simply just create a DHCP client on the public interface.The first rule accepts packets from currently founded connections, assuming They're Safe and sound to not overload the CPU. The 2nd rule drops any packet that connection tracking identifies as invalid. After that, we set up normal accept regul