Let me pose an example and see if I understand the basics of the expert rules. I have a router/firewall that broadcasts to syslog on UDP 514; I have created a rule calledSYSLOG that allows my PC IP of 220.127.116.11 to communicate with 18.104.22.168 (default gateway). I have also created a second rule called BLOCK that blocks any source and any destination for UDP 514. Am I correctly interpreting the rules ? Everything seems to be working fine.
Operating System:Windows XP Pro
Product Name:ZoneAlarm Pro