On Thu, Dec 06, 2001 at 10:13:07AM -0600, Richard Rauch wrote:
> Not unless:
> 
> (a) ipf blocks these by default.
> 
> (b) ipnat tells ipf to start blocking these.
> 
> 
> At the suggestion of the NetBSD Guide, I created an (empty)
> /etc/ipf.conf file and ran ipf (without parameters) prior to running
> ipnat.  Up till now, I've focused exclusively on ipnat---blocking packets
> may be worth doing eventually, but I'd like to get things doing what they
> should do before I worry about making things _not_ work.

Can you try this in /etc/ipf.conf:
pass in quick from any to any keep frags

--
Manuel Bouyer, LIP6, Universite Paris VI.           Manuel.Bouyer@lip6.fr
--