Messages

1

22.7 Legacy Series / Rule evaluation order of non-quick rules in the Floating Rules section

« on: January 25, 2023, 11:44:41 pm »

I was trying to put a rule for catching all out-of-state packets so that the Default Deny rule really and only lists/blocks illegitimate traffic. Put that rule also into the floating section right above the default Deny rule. After some testing I get the impression, that the non-quick rules get evaluated in reverse order (compared to how they appear in the list). Hence, if I place the Out-Of-State rule BEHIND the Default Deny rule, the Out-of-State will be sorted out and Default Deny is left for just the illegitimate traffic.

Can somebody confirm, this is by design? Thanks.

And: thanks for this great piece of software!