J65nko used tags as I did, but he also used
quick, which you may prefer.
I'd like to highlight what I see as a value when using standard rules; which is that we are able to use a broad rule first then narrow focus for rules which follow to more specific traffic. An example of this is in the following fragment. These are the first 3
pass rules I provided above:
Code:
########
# 1. pass traffic from $lan devices to $wlan, egress, and ssh daemon here.
########
pass log from $lan tag external
pass log from $lan to $wlan tag internal
pass log proto tcp from $lan to self port 22 tag local
The first rule passes all incoming LAN traffic, and tags it as "external". The second and third rules alter the tag to either "internal" or "local" for specific traffic incoming from the LAN network, so that different outbound rules can be applied.