On Sun, Aug 11, 2002 at 06:12:15PM +0200, Carsten Menke wrote: > >block in quick on fxp0 proto tcp/udp from any to any head 100 > >block in quick on fxp2 proto tcp/udp from any to any head 200 > > > Could someone actually explain me why everybody is using 100,200,300 etc. > Isn't it possible to use just 1,2,3 ? (I know that the default group is 0).
I tend to use the numbers in the following way (obviously, the number can be expanded if you've got significantly complex rule sets): 101 -> First interface inbound default rule 111 -> First interface inbound sub-rule 1 102 -> First interface outbound default rule 112 -> First interface outbound sub-rule 1 201 -> Second interface inbound default rule 211 -> Second interface inbound sub-rule 1 202 -> Second interface outbound default rule 212 -> Second interface outbound sub-rule 1 Paul
