On 2022/07/01 20:32, Scott Colby wrote: > Hello, > > I am working to set up a relatively simple home router with OpenBSD and > pf. (A few VLANs, a few port forwards, NAT, DHCP, DNS.) I am looking for > a pointer to best practices for writing pf rules. In particular, are > quick rules or non-quick rules preferred? I am coming from pfSense, > where most rules are quick, but I'm not sure which is > preferred/advocated for in the wider pf community.
Personally I like to drop some obvious bogus traffic that I don't care about logging with block quick, then block log, then various pass rules without quick. But, use whichever makes the most sense to you, as you are the one who will be debugging the ruleset.
