ihateapple.net

Main Forum Index

Forum Home

Post Reply

Email Forum Admins

Log In

Search Forums

Read Messages

Send a Message

Edit Your Settings

Forum Rules

Help


It shouldn't.....
By:  Sycraft (Administrators; 20820)
Posted on: 08-12-2019 12:05.
Client: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36
IP: Logged 
Message views: 18 (Score: 0 Protected)  


The way all the firewalls I've ever used work is they go down the list of rules looking for a match. Once it hits a rule that matches, that is processed, the action is taken, and it stops looking for more rules.

For a rule to match EVERYTHING must match, source, destination, port, protocol, etc, etc. This is why those are often "any" because if you don't care what it is, then it matches. So the first rule that matches all criteria for a given packet gets processed. If no rule matches everything by the end, the default rule is applied (which is usually to drop the packet).