On Thu, 17 Feb 2000, Manuel Bouyer wrote:

> On Thu, Feb 17, 2000 at 01:10:42PM +0000, Uwe Klaus wrote:
> > Hi,
> > 
> > I tried to upgrade my firewall/gateway from 1.4.1 to the
> > NetBSD-release branch (sources from Feb 12).
> > 
> > Unfortunately, I had serious trouble with an apache server running on
> > a Sun server (Solaris 2.6) behind the firewall. Most, but not all,
> > connections timed out (error code 408). An apache server running on a
> > netbsd box (also behind the firewall) worked well.
> 
> Do you have NAT runing ? If so you may want to check your ipf.conf, a few
> thing have changedi (rules are now checked *after* ipnat translation,
> which means it's the end IP addr which is checked, not the router's IP addr).
> I don't have any problems since I corrected my rules.
Thanks for the hint. 
It works now.

Uwe