Subject: Re: ipf
To: Wolfgang Rupprecht <>
From: Curt Sampson <>
List: current-users
Date: 05/30/1997 13:03:22
On 30 May 1997, Wolfgang Rupprecht wrote:

> My box is a dual-homed machine where both interfaces go to different
> ISP's.  Each ISP imposes security filtering based on the source IP
> address.  This means that I have to route a packet based on the
> *source* address.  A novel twist, I know.  From the descrition of the
> security filter, it appears that it can do that, but perhaps I'm not
> using it the right way.  This is what I tried (just before the machine
> panic-ed). 
>    block out log on de0 to de1: from to any

No, that will simply block packets with that address going out that
port. The system won't send them out the other port if that port
drops them.


Curt Sampson	   Info at
Internet Portal Services, Inc.	   Through infinite myst, software reverberates
Vancouver, BC  (604) 257-9400	   In code possess'd of invisible folly.