Reply To: default forward rule drop not working

Home Page Forums Network Management ZeroShell default forward rule drop not working Reply To: default forward rule drop not working

#46317

imported_fulvio
Participant

L7 filters use connection tracking to classify the traffic and usually need more than one packet to recognize the protocol. For this reason you should not use a Layer 7 filter with the target ACCEPT if the default policy is DROP. In other words, L7 filter work better in QoS classification than in firewall rules.

Regards
Fulvio