The other time, I was referring to Craig's filter book. I am now able
to make a perfectly working BM, following his book. But I have a
doubt on the default filters and default filter exceptions.

Rule 1: The default filters block all traffic FROM and TO the public INTERFACE.

Rule 2: (One of the) default filter exceptions allows all outgoing IP traffic FROM public "IP ADDRESS" to public "INTERFACE".

Let us think about an IP packet that is passed from the public IP
to public INTERFACE as per 'rule 2'. Now which rule (filter exception)
takes it out of the public interface to the destination host that is in the


Did I miss something in Rule 2? I can understand it if Rule 2 is made
like "Default filter exception allows all IP traffic from public IP
address to ANY HOST", but it is not that way.

In effect, how do I conceptualize the INTERFACE and the IP ADDRESS?

Note: Capitalization just to make the reading easy. Please do not feel