Firewalls What Are They, What Do They Do, and What Do They Protect Against?

Because IP options are rarely used in IPv4, better off dropping the packets, or at least logging them.

The “Don’t Fragment” option is used in MTU discovery.

In any case, ipchains doesn’t give access to the IP options field.