Log Denied
By default, if any packet does not match any rule, then that packet
is dropped. If the firewall does not explicitly allow the service,
then it is not allowed. However, these packets are not logged by
default. You definitely want to log this traffic, much of your unauthorized
traffic happens here. To do that, we create a drop all and log rule,
which gets placed at the end of the rulebase. This is another of
those rules that all firewalls should have, if not already by default.