Sunbelt the latest 4.6 version. All filter rules have been created manually. On demand particular rules are been disabled/enabled. No firewall own automatics nor learning mode is nor was in use. "Log traffic to unopened ports" is enabled. For some traffic which meets the "incoming to unopened port" criteria a advanced packet filter rule has been created manually. It was also named accordantly, just to recognize it quickly within a lot of log points. Anyhow, the firewall logs still show "to unopened port" instead of "my advanced filter rule for some inbound to unopened port" -traffic. This says to me that "block all traffic to unopened port" rule must be some internal / fixed-coded rule and must have higher prio than all advanced packet filter rules. Is this true?