i do it like this:
block in log quick proto tcp all flags FUP block in log quick proto tcp all flags SAFRU/SAFRU block in log quick proto tcp all flags SF/SF block in log quick proto tcp all flags SR/SR
I'll have to scratch my head over that one for a bit, before I understand it, but I guess you're saying that the above 4 rules imply a fifth in that if none were set, it couldn't get through them, right?
I really dislike implied rules, and avoid them if at all possible, as they are hard to maintain. :) Is there no way to explicitly test for no flags being set?
-ste
_______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
