Subject: Re: ipf
To: None <current-users@NetBSD.ORG>
From: Wolfgang Rupprecht <>
List: current-users
Date: 05/30/1997 11:32:45 (Patrick Welche) writes:
> Has anyone else had problems with ipf since the upgrade? (port-i386)

The ipf stuff was pretty messed up the first day after the "upgrade".
Refetch it and rebuild the world.  It works now. (At least it does for

I did notice that I locked myself out of the box the first time it
booted.  I needed to add the following to the top of my filter rules.

	pass  in  from any to any
	pass  out from any to any

Has anyone gotten the quick-route rules to work?  I played with them
once, but all I got was a panic (from the network code) for my

My box is a dual-homed machine where both interfaces go to different
ISP's.  Each ISP imposes security filtering based on the source IP
address.  This means that I have to route a packet based on the
*source* address.  A novel twist, I know.  From the descrition of the
security filter, it appears that it can do that, but perhaps I'm not
using it the right way.  This is what I tried (just before the machine

   block out log on de0 to de1: from to any

Wolfgang Rupprecht    <>
Sick of spam?  Check out all the crap we've gotten.