pfSense

On this page:

https://doc.pfsense.org/index.php/Firewall_Rule_Basics

It says:

"The default on all interfaces is to deny traffic, and only what is explicitly allowed via firewall rules will be passed.

Which is misleading without further explanation. It needs to be clarified that the default out-of-the-box configuration of pfSense includes rules that explicitly allow all traffic to pass, so to deny traffic, those rules must be disabled or deleted. This detail is critical in applications where data leaks could be catastrophic, like the use case described here:

https://www.livebusinesschat.com/smf/index.php?topic=5410.0

I could fix this myself, but I don't have a wiki account and I'm not sure how to get one. There are other problems on that page that could benefit from some clarification, but none of them are urgent like this issue is.

Here's a permalink to the page described in this report:

https://doc.pfsense.org/index.php?title=Firewall_Rule_Basics&oldid=5437