hagen wrote: Most were from my ISP: port 67 (bootps), port 68 (bootpc), and DNS-related. The unwary could get into trouble blocking these.
I'll be surprised if there is an 'endless' variety of these sorts of basic system functionality connections, so perhaps a better factory default setup is to include rules to allow these common ISP connections rather than any UDP or ICMP incoming connection. At the least, I hope for better documentation about the nature and control of these types of connections. The current description instills a bit of fear about disabling these rules which, in my case at least, has been a non-event.
I wish managing typical TCP connections were as non-disruptive and inconsequential as disabling these Protected Rules.