If you're on a typical home network, modem/router with NAT, you don't actually need a local firewall anyway.
Over the past few days surfing new sites I did my normal NoScript thing to selectively allow JavaScript for the site I was visiting. I noticed that each of the sites only had 2 scripts listed that wanted JS enabled. One for the domain I was visiting needed JS enabled for full functionality (not all do, including mine) but the second was the same plain IP address on every site that wanted JS enabled as well. Didn't happen. Thank you, NoScript.
When I checked the IP# it belonged to my ISP and it was not even the same sub-net my machine was using. So I made a new rule and blocked it, rebooted and am still able to access the net.
That doesn't mean my ISP can't track me but they'll be doing it without JS enabled and not from that IP# or any other NoScript alerts me to thanks to pf.
I'm on a typical home Ethernet LAN with a commercial router/firewall but don't trust it nearly as much as pf and wouldn't think of going online without it enabled. Setting up pf is the first thing I do when rebuilding my system.
Edit: It wasn't quite as easy as only making a block in rule. It still showed up when visiting a site tonight so I made one to block outgoing traffic to that IP#. Now I can't access the site from my machine but was able to access the forums without any problem.
Seems Charter wants to see what certain sites I visit consist of. This was a medical related site I was visiting with nothing to do with Charter and nothing nefarious about it whatsoever. Neither is it any of their business, or my only option to get online and beat that kind of thing.