On Thu, 13 Dec 2007 21:17:09 +0100 Erik Norgaard <[EMAIL PROTECTED]> wrote:
> I think it is possible to set a default rule, which for security > should be block, which means that any packet that falls through your > rule set will be blocked. I'm not aware that there is, the FAQ suggests having block in all block out all at the top. > Therefore, you should have "pass quick". With PF the last rule to be hit will be used, which means the default is normally applied at the beginning and then overridden. You don't need quick to avoid dropping off the bottom of the rules, unless you are trying to replicate an IPFW script in PF. _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"