This rule was disabled by default, so why is it there?

Henry

I don't rember how it was, but here it is enabled and no problems.
May be I enabled it to see what happens...

Enabled, the logs show it is blocking UDP packets mainly within my home network, but some to the outside.

There are two 'Block all' rules in the Firewall installation
1. Name=TCP : Any other packet
Description=Block all other TCP packets.

This rule will block all TCP packets that were not enabled by previous rules in the list

2. Name=UDP : Any other UDP packet
Description=Block all other UDP packets.

This rule will block all UDP packets that were not enabled by previous rules in the list

Both rules are enabled in the installation. To make sure that the rule is enabled look at the check box on the left of the rule. If it is checked then the rule is enabled else the rule is disabled (Red icon mean blocking rule and green icon means allow rule).

You are quite correct, I was wrongly interpreting what was doing the blocking: it would help if rules were numbered as well as named, and the log provided the name and rule number. The finall catch-all block is enabled now.

Given my level of ignorance about UDP and what to block (TCP for that matter), I fail to understand why this firewall, unlike most others, does not have a wizard to help set up my local network properly as a 'trusted zone' to use the description from many/most other firewalls out there.

I like this firewall, it seems more stable than others I have tried recently, but I am floundering in the dark, and while I have managed to get my local network to function by adding rules to provide exceptions to some of those built-in, my concern is that those changes may have left my system open to attack. As far as I am concerned, this is a 'black art' I have no interest in understanding, I just want it taken care of for me.

Henry