Subject: IPF Rules
To: None <netbsd-users@netbsd.org>
From: Todd Gruhns Acct <tgruhn2@mail.com>
List: netbsd-users
Date: 01/04/2002 22:29:37
I decided to write my own IPF ruleset. I can now access mail.com,
but I cannot access netbsd.org. What's wrong with this IPF ruleset?


# Absolutely no one allowed in on the ppp0 interface
block in quick on ppp0 all

# block invalid source address packets (anti-spoofing rules)
block in log quick on ppp0 from 192.168.0.0/16 to any
block in log quick on ppp0 from 172.16.0.0/12 to any
block in log quick on ppp0 from 10.0.0.0/8 to any
block in log quick on ppp0 from 127.0.0.0/8 to any

# NOW LOOSEN RULES TO ALLOW TRAFFIC IN

# implicit allow (see section 2.13)
pass out quick on ppp0 proto tcp/udp all keep state
pass out quick on ppp0 proto udp     all keep state
pass out quick on ppp0 proto icmp    all keep state
pass out quick on ppp0 proto igmp    all

block out log quick all

-- 
Indeed in nothing is the power of the Dark Lord more clearly shown than in the
estrangement that divides all those who still oppose him. --Lord of the Rings