> block in log quick on $ext_if inet proto tcp from any to any flags FUP/FUP > block in log quick on $ext_if inet proto tcp from any to any flags SF/SFRA > block in log quick on $ext_if inet proto tcp from any to any flags /SFRA
Those rules only block FIN, Xmas and NULL scans. TCP connect() and SYN scans
work as usual.
--
Tiago Pierezan Camargo <elessar at matrix.com.br>
(o_.' The boozy penguin says:
//\c{} "VI VI VI The editor of the beast."
V__)_
