If one data packet matches the rule, the following rules of the rule set will not be taken into account. Then I made a rule: It should be a rule just for recording packets in and out. Actually, it's a rule equal to "allow all"..... It's a question that puzzles me.. Did I misunderstand the meaning of "If one data packet matches the rule, the following rules of the rule set will not be tak........."?
Hi,

If this kind of rule (without the ) applies, then another rule is in charge of allowing or blocking the packet. However, in the log you will see the name of the first rule which has applied. And if this rule is without the , then the +/- indication in the 1st column is not relevant with the current implementation (this could be improved). The important thing is that the packet is anyway blocked/allowed according to the other rules (and according to the definition). (You can make a test by temporarily blocking the rule allowing usual TCP connections, "TCP : Authorize most common Internet services", to verify that.)

Regards,
Frederic