On Fri, 01 Jul 2022 20:32:44 -0400 "Scott Colby" <[email protected]> wrote:
Hello, > I am working to set up a relatively simple home router with OpenBSD > and pf. (A few VLANs, a few port forwards, NAT, DHCP, DNS.) I am > looking for a pointer to best practices for writing pf rules. In > particular, are quick rules or non-quick rules preferred? I am coming > from pfSense, where most rules are quick, but I'm not sure which is > preferred/advocated for in the wider pf community. I think quick rules are far more readable and easier to understand. Also the evaluation of the rule set is costly in performance and quick rules may avoid to evaluate all the rules. But this should not be a problem for a home router. It's a matter of personal taste, IMO don't use both quick and non-quick rules in the same rule set. Regards,
