Idiots question about Rules

NostrilHair · July 17, 2007, 11:55pm

As I browse the forums I see several mentions of the “catch-all BLOCK rule”.

Is that the one that reads:
BLOCK and LOG IP IN or OUT FROM IP [Any] TO IP [Any] WHERE IPPROTO IS ANY

From what I read here it seems that rule (if it is indeed the “catch-all BLOCK rule”) should be the very bottom rule - is that correct?

I have one more rule under that, which reads:
ALLOW TCP or UDP IN or OUT FROM IP [Any] TO IP [Any] WHERE SOURCE PORT IS [Any] AND DESTINATION PORT IS [Any]

Comments/advice welcome.

TIA

kail · July 18, 2007, 12:08am

Yes, that is correct. The Network Monitor rule is often referred to as the final block & log rule. This rule is created by CFP on installation & is very important. The rule blocks any unsolicited connection attempts to your system. Any rule after this rule will never be used as the final block & log rule doesn’t let anything passed that point. Rules can be moved below the the final block & log rule to disable them without altering or deleting them.