Questions

1. Identify the three main options of a firewall rule’s Action setting and how they differ (assume we are not concerned with floating rules).
2. What do we mean when we say that pfSense is a stateful firewall?
3. What are the two main types of filtering that firewalls perform?
4. Why is it generally considered a bad idea to log packets that match a firewall rule?
5. (a) Identify the main differences between floating rules and other firewall rules.
   (b) What option can we use if we want to ensure that a floating rule is evaluated before rules for specific subnets/interfaces?
6. If we want traffic entering our network through a specific port to be sent to a node on our internal network, is it enough to create a valid port-forwarding entry for that port and that node? Why or why not?
7. (a) Can we use port-forwarding to map a single port to several different internal nodes? (b) Can we use port-forwarding to map several ports to the same internal node?
8. If we want to map one public IP address to a single private IP address, what feature should we use?