Subject: ipfilter question
To: None <netbsd-help@netbsd.org>
From: Matthias Buelow <mkb@mukappabeta.de>
List: netbsd-help
Date: 03/09/2002 01:34:51

Hi,

I have the following ipfilter rules on 1.5.3_ALPHA:

pass in all
pass out all
pass in quick from 127.0.0.1 to any
block in quick from any to any port = 515
block in quick from !xxx.xxx.xxx.0/255.255.255.0 to any port = 111
block in quick from !xxx.xxx.xxx.0/255.255.255.0 to any port = 2049
block in quick from !xxx.xxx.xxx.0/255.255.255.0 to any port = 6000

yet finger (port 79) is blocked from the "outside" (i.e., not matching
xxx.xxx.xxx.0/255.255.255.0).  I don't understand why, anybody more
knowledgeable?  From my understanding of the manpage it should all
work well.  No blocking rule is there matching port 79.
ssh (port 22) can connect to the machine.

--mkb
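
Added example, not part of the original post: a small Python model of the documented ipfilter evaluation order (the last matching rule wins, and a matching "quick" rule stops the search), run over the seven rules above. It assumes 192.0.2.0/255.255.255.0 as a stand-in for the redacted network, a default of pass when nothing matches, and it ignores protocol because the rules name none; it does not model how the ipf kernel code itself handles port rules.

```python
import ipaddress

# Constructed stand-in for the network redacted as xxx.xxx.xxx.0 in the post.
LOCAL_NET = "192.0.2.0/255.255.255.0"
# The seven rules from the post, in order, with LOCAL_NET substituted.
RULES = f"""\
pass in all
pass out all
pass in quick from 127.0.0.1 to any
block in quick from any to any port = 515
block in quick from !{LOCAL_NET} to any port = 111
block in quick from !{LOCAL_NET} to any port = 2049
block in quick from !{LOCAL_NET} to any port = 6000
"""

def parse(line):
    """Parse the small subset of rule syntax used in the post."""
    tok = line.split()
    rule = {"action": tok[0], "dir": tok[1], "quick": "quick" in tok,
            "src": None, "negate": False, "port": None}
    if "from" in tok:
        src = tok[tok.index("from") + 1]
        rule["negate"], src = src.startswith("!"), src.lstrip("!")
        if src != "any":
            rule["src"] = ipaddress.ip_network(src)
    if "port" in tok:
        rule["port"] = int(tok[tok.index("port") + 2])  # "port = N"
    return rule

def matches(rule, direction, src_ip, dst_port):
    if rule["dir"] != direction:
        return False
    if rule["src"] is not None:
        inside = ipaddress.ip_address(src_ip) in rule["src"]
        if inside == rule["negate"]:  # "!" inverts the source test
            return False
    return rule["port"] is None or rule["port"] == dst_port

def decide(direction, src_ip, dst_port, rules=RULES):
    """Return (verdict, number of the deciding rule) for one packet."""
    verdict, hit = "pass", None  # assumed default when nothing matches
    for n, line in enumerate(rules.splitlines(), 1):
        rule = parse(line)
        if matches(rule, direction, src_ip, dst_port):
            verdict, hit = rule["action"], n
            if rule["quick"]:
                break
    return verdict, hit
```

In this model, decide("in", "203.0.113.7", 79) returns ("pass", 1) for a constructed outside source, so rule ordering alone does not account for the blocked finger connection.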