Steve Shorter wrote: > > Groups ONLY work with rules. The rule can be about interfaces or >ports or whatever you want. You put one rule at the "head" of a group >and that branches the decision tree. > > > Maybe like this. > >block in quick on fxp0 proto tcp/udp from any to any head 100 >block in quick on fxp2 proto tcp/udp from any to any head 200 >block out quick on fxp2 proto tcp/udp from any to any head 300 >block out quick on fxp0 proto tcp/udp from any to any head 400 > > -steve > > > > Gooood, that this thread comes up, as I want also post this topic :-)
Could someone actually explain me why everybody is using 100,200,300 etc. Isn't it possible to use just 1,2,3 ? (I know that the default group is 0). 2. So the rule defining the Head does work as a normal rule ? Means it will block traffic in on fxp0 in your first rule example ? Thanx Carsten
