As we know, an Any-Any-All-Drop rule as the last firewall rule is a security feature. If this rule blocks internet connectivity, of course we can’t use it. So what keeps maliciousness from attempting other protocols? Is there some other security built into IPFire that I’m not seeing? Is there a way to craft a firewall rule that would allow internet connectivity but provide other protocol security in IPFire?
I would imagine that the start and stop entry in the firewall.local file is your personal wireless IP network address and not what’s necessarily listed. Is this a correct assumption?