Ive been reading for the last week every piece of information on PF that i can find. I am in the process of building a FreeBSD 7.0 Router/Gateway and have been a little stumped by allot of the tutorials/examples out there. Most that I read say that you should always block all! But then I see a rule in the pf.conf that states

Does this rule not allow "ALL" traffic to leave the gateway/router? Why would you use a block all instead of just block in if you are going to use a rule like this?

Sorry for the very newbie question. I have allot more but i'll start with the simple one.

Hello every one! I am new to the board.

The idea is to block all traffic by default, and explicity allow traffic you want.

Remember when writing your rules, that PF operates in a 'top-down' fashion, meaning:
would allow all traffic, as it overrides the 'block all' rule.

Right. I understand that (forget it while writing rules though ) But if you are going to write a rule that allows "ALL" traffic out why block all? and not just block in? Is it just an accepted standard for writing the rules?

Reread the rule. It is allowing 'all' traffic from a particular network interface. Not from all traffic (in general).