problem about rule matching


1hui
December 11th, 2008, 02:03 AM
[attachment 204778] If one data packet matches the rule, the following rules of the rule set will not be taken into account.
Then I made a rule:
[attachment 204780]
It should be a rule just for recording packets in and out.
Actually, it's a rule equal to "allow all".....
[attachment 204781]
It's a question that puzzles me.. Did I misunderstand the meaning of "If one data packet matches the rule, the following rules of the rule set will not be tak........."?

Frederic
December 11th, 2008, 08:14 AM
Hi,

If this kind of rule (without the http://www.wilderssecurity.com/attachment.php?attachmentid=204778) applies, then another rule is in charge of allowing or blocking the packet.

However, in the log you will see the name of the first rule which has applied.
And if this rule is without the http://www.wilderssecurity.com/attachment.php?attachmentid=204778, then the +/- indication in the 1st column is not relevant with the current implementation (this could be improved).

The important thing is that the packet is anyway blocked/allowed according to the other rules (and according to the definition).
(You can make a test by blocking temporarily the rule allowing usual TCP connections, "TCP : Authorize most common Internet services", to verify that).

Regards,

Frederic
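
The evaluation order described in the reply above, as an added example that is not part of the original thread and not the firewall's own code. The `stop` flag (standing in for the "following rules will not be taken into account" option), the default verdict of "block" and the port list are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Callable

@dataclass
class Rule:
    name: str
    matches: Callable[[dict], bool]
    action: str           # "allow" or "block"; only decisive when stop is True
    stop: bool = True     # hypothetical flag: later rules are ignored on a match
    enabled: bool = True

def evaluate(rules, packet, default="block"):
    """Return (verdict, deciding_rule, logged_rule) for one packet."""
    logged = None
    for rule in rules:
        if not rule.enabled or not rule.matches(packet):
            continue
        if logged is None:
            logged = rule.name          # the log names the first rule that applied
        if rule.stop:
            return rule.action, rule.name, logged   # this rule decides
        # stop is False: keep looking, another rule is in charge of the verdict
    return default, None, logged        # assumed default when nothing decides

def build_ruleset(log_rule_stops=False, tcp_allow_enabled=True):
    return [
        Rule("log everything", lambda p: True, "allow", stop=log_rule_stops),
        Rule("TCP : Authorize most common Internet services",
             lambda p: p["proto"] == "tcp" and p["dport"] in (80, 443),  # assumed ports
             "allow", enabled=tcp_allow_enabled),
        Rule("block all", lambda p: True, "block"),
    ]

WEB = {"proto": "tcp", "dport": 80}      # constructed sample packets
TELNET = {"proto": "tcp", "dport": 23}

if __name__ == "__main__":
    cases = [("log rule passes through", build_ruleset(), WEB),
             ("TCP allow rule disabled", build_ruleset(tcp_allow_enabled=False), WEB),
             ("log rule stops evaluation", build_ruleset(log_rule_stops=True), TELNET)]
    for label, rules, pkt in cases:
        verdict, decider, logged = evaluate(rules, pkt)
        print(f"{label}: verdict={verdict} decided_by={decider} logged_as={logged}")
```

In the first two cases the log entry names "log everything" although a later rule made the decision, which is why the +/- column for that entry says nothing about the packet's fate.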

1hui
December 11th, 2008, 09:41 AM
Hi, Frederic
I enable the rule "block all", and it works.

Thanks ;D