On Fri, Nov 16, 2007 at 03:20:34PM +0200, N. Ersen SISECI wrote: > I changed PF's default rule in kernel (pf_ioctl.h). And than i restarted > my server. Uh, if you do that you deal with the fallout yourself ;) Seriously, there is no reason to do that. Adding a block rule to your ruleset does the trick of defaulting to blocking. Daniel