I need to add a machine to my LAN that I don't fully trust. I would
like to initially allow it to have all of the LAN -> WAN access that
other machines have, but I would like to log it intensively.
I don't want to duplicate each and every out-bound permission rule
just for this one host. Is there a way that I can create a log-only
rule that won't actually grant any permissions so that I can put this
rule early in my list of rules?