y2hh wrote: I assumed the rules were already in order for a specific service.
The rules are already in order for a specific app or process, per the help file. But there are also default rules for Any Process, and they might be higher priority.
My SSH only contains 2 rules for inbound traffic, as I stated:
Rule 1 for SSH: Allows my work IP
Rule 2 for SSH: Blocks all IPs
I assumed that when it inspected inbound traffic on port 22 destined for the sshd process, it would hit the first rule listed, and if it matches, allow it...and then not allow anything else as the second rule for ssh says deny all. Somewhat how a Checkpoint or ASA firewall works (top down).
I'm thinking about what happens if you have a rule SSH: deny all, and above it in the priority list is a rule Any Process: Allow UDP. The connection will be allowed if UDP, denied if TCP.
It's possible this app doesn't quite work that way, which would mean I have to reinstall WaterRoof and apply an IPFW rule set I have for SSH access...from the looks of things, that's what I'm going to have to do...it doesn't appear as if LS's inbound firewall is quite at that level of granularity.
Have a look at this thread. It might help, although it's a different topic.
viewtopic.php?f=1&t=6936&p=22442&hilit=ipv6#p22442