Manuel

> > block in log quick on ippp0 proto tcp from any to any port 136 >< 140
> 
> I use the second form myself. I don't think one consume more
> resources than the other in ipf, but the second form is less error-prone.


Yes.  I thought something like that would be correct.  Wanted to make 
sure I'd got it right.  Looks like my firewall is now working fine.  
Keeps blocking in with frag and short and on the ports that I selected.

Thanks very much :)




Richard