David A. Ranch <[EMAIL PROTECTED]> wrote:
>
> Rulesets are complicated but once you think about them a little, they
> are easy.
I have to agree; it shouldn't be too hard to go through the rules and
figure out what they do.
It can be quite instructive for some of you out there to "play
computer," and pretend that you have received a packet with a particular
address and port, and just go through the rulesets one by one, seeing
what matches, and why, and trying your best to predict which rule will
be used.
Then you might see why order of rules is important, and get a better
understanding of what's wrong with your rulesets, or how to augment them
for better security/performance/whatever. :)
--
[EMAIL PROTECTED] (Fuzzy Fox) || "Nothing takes the taste out of peanut
sometimes known as David DeSimone || butter quite like unrequited love."
http://www.dallas.net/~fox/ || -- Charlie Brown
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]
