Subject: Re: ipf
To: None <current-users@NetBSD.ORG>
From: Wolfgang Rupprecht <wolfgang@wsrcc.com>
List: current-users
Date: 05/30/1997 11:32:45

prlw1@cam.ac.uk (Patrick Welche) writes:
> Has anyone else had problems with ipf since the upgrade? (port-i386)

The ipf stuff was pretty messed up the first day after the "upgrade".
Refetch it and rebuild the world.  It works now. (At least it does for
me.)

I did notice that I locked myself out of the box the first time it
booted.  I needed to add the following to the top of my filter rules.

	pass  in  from any to any
	pass  out from any to any

Has anyone gotten the quick-route rules to work?  I played with them
once, but all I got was a panic (from the network code) for my
trouble.

My box is a dual-homed machine where both interfaces go to different
ISPs.  Each ISP imposes security filtering based on the source IP
address.  This means that I have to route a packet based on the
*source* address.  A novel twist, I know.  From the description of the
security filter, it appears that it can do that, but perhaps I'm not
using it the right way.  This is what I tried (just before the machine
panicked).

   block out log on de0 to de1:140.174.88.2 from 140.174.88.0/24 to any

-wolfgang
-- 
Wolfgang Rupprecht    <wolfgang@wsrcc.com>     http://www.wsrcc.com/
Sick of spam?  Check out all the crap we've gotten. http://www.wsrcc.com/spam/