On Thu, 30 Sep 2004 22:49:52 +0200, Pavel Cahyna
<pavel.cahyna@st.cuni.cz> wrote:
> IMHO earlier versions of IPF were correct. If the default is to pass and
> there are no block ... rules, packets should not be blocked. I would not
> expect rules starting with "pass" to block anything. If the echo reply is
> accepted by keep state rule is irrelevant, because even if it is not
> accepted, this is not a reason to block it, as there are no "block" rules.
> Do you agree?

I agree that if the default was to pass, then another "pass" rule
shouldn't block it. None of the messages in this thread indicated the
default was to pass, so I didn't take that into consideration.

-- 
Rich

AIM : rnezzy
ICQ : 174908475