Hello everybody,
I think the following improvements would be pretty nifty:
1.) Webadmin-option for changing the PF default policy between DROP, LOGDROP, REJECT and LOGREJECT
2.) An extended "any" destination, which generates a rule not only in USR_FORWARD but also in USR_INPUT. At the moment I have to create two different rules, e.g. for silently dropping all NetBIOS traffic seen on the ASL: one with destination "any" and one with destination "External (Address)", for example.
This behavior is not exactly what I would have expected, as "any" IMHO should include the firewall itself.
3.) I'm missing the ability to use rule inversion as provided by iptables via the exclamation mark.
Any comments?
Regards,
-XoF-
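
Added example, not part of the original post and not the product's own code: a small Python model of the chain behaviour described in item 2 and the inverted match requested in item 3. It assumes USR_INPUT and USR_FORWARD are reached from netfilter's INPUT and FORWARD hooks; the addresses, the `Rule` class and the `build`/`verdict` helpers are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample addresses (documentation ranges), not taken from the post.
FIREWALL_ADDRS = {ipaddress.ip_address("192.0.2.1"), ipaddress.ip_address("10.0.0.1")}
NETBIOS_PORTS = {137, 138, 139}

@dataclass
class Rule:
    dst: str      # "any", a CIDR, or "!CIDR" for an inverted match
    ports: set
    action: str

    def matches(self, dst_ip, dport):
        if dport not in self.ports:
            return False
        if self.dst == "any":
            return True
        negate = self.dst.startswith("!")
        inside = dst_ip in ipaddress.ip_network(self.dst.lstrip("!"))
        return inside != negate   # inversion flips the address test

def build(rules, any_covers_input=False):
    """Place rules into chains. any_covers_input=False models the behaviour
    described in the post: "any" only lands in USR_FORWARD."""
    local = {f"{a}/32" for a in FIREWALL_ADDRS}
    chains = {"USR_FORWARD": [], "USR_INPUT": []}
    for r in rules:
        chains["USR_INPUT" if r.dst in local else "USR_FORWARD"].append(r)
        if r.dst == "any" and any_covers_input:
            chains["USR_INPUT"].append(r)
    return chains

def verdict(chains, dst, dport):
    """Routing decision: packets for the firewall itself traverse INPUT,
    everything else FORWARD. Unmatched packets fall to the default policy."""
    dst_ip = ipaddress.ip_address(dst)
    chain = "USR_INPUT" if dst_ip in FIREWALL_ADDRS else "USR_FORWARD"
    for rule in chains[chain]:
        if rule.matches(dst_ip, dport):
            return rule.action
    return "DEFAULT-POLICY"
```

With `any_covers_input=False`, a NetBIOS packet addressed to the firewall's own interface never reaches the "any" rule and falls through to the default policy, which is why the second rule is needed.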