Hi all I want to allow 50% of icmp traffic to work from a default deny rule set. If I have the following all pings are replied to -
block all
pass proto icmp probability 50%
Is the only way to accomplish this to do something like the following?
block proto { tcp, udp }
block proto icmp probability 50%
If I want to block more protocols- Is there any 'short hand' I can
incorporate? - like "block proto { 2:137 }" although this does not
work.
Thanks,
Benjamin
