Subject: Re: David S /IPF
To: Todd Gruhns Acct <tgruhn2@mail.com>
From: David S. <davids@idiom.com>
List: netbsd-users
Date: 01/05/2002 19:17:59
> 
> I just looked at ipmonlog, the 4 records there
> are from Dec 4. They all are about
> starting/stopping snmptrapd...
> 
> What I am trying to figure out is why
> ipfilter chokes on mail.com packets when I allow
> netbsd.org packets in, and vice versa...

Enable 'ipmon' with "ipmon=YES" and something like 
"ipmon_flags='-D -f /var/log/ipflog'" in '/etc/rc.conf'. (I use 'syslog'
for logging, but setting that up is a bit more involved; see the 
'ipmon' man page if you're curious.)  Then add a "log" flag to all of
your "block" rules ("block ... in log ...").  (Re-) Start 'ipf' with
"/etc/rc.d/ipfilter (re)start", and start 'ipmon' with 
"/etc/rc.d/ipmon start".  Try to access the site in question in
whatever way you do, then see what 'ipmon' writes in '/var/log/ipflog'.
The 'ipmon' man page will explain how to determine which rule is
blocking an attempted connection.

David S.
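The following is an added example, not part of David's message or of the NetBSD ipfilter sources. It sketches the procedure he describes end to end: the rc.conf settings he quotes, an ipf.conf fragment with "log" on the block rules, and a small shell function that reads what ipmon writes to the log file and reports which rule is dropping traffic to or from one host. The interface name ne0, the rule set and the log lines are constructed for the example; the log lines follow the field layout that ipmon(8) documents for file output.

```shell
#!/bin/sh
# Added example, not from the original message.  Mirrors the steps in the
# reply: log on the block rules, run ipmon into a file, then read that file
# to see which rule (@group:rule) is dropping traffic to or from one host.
#
# 1. /etc/rc.conf, as given in the message:
#      ipmon=YES
#      ipmon_flags='-D -f /var/log/ipflog'
#
# 2. /etc/ipf.conf: put "log" on the block rules (interface ne0 is assumed):
#      pass  in quick on ne0 proto tcp from any to any port = 22 keep state
#      block in log quick on ne0 proto tcp from any to any port = 25
#      block in log on ne0 all
#
# 3. After "/etc/rc.d/ipfilter restart" and "/etc/rc.d/ipmon start", each
#    logged packet becomes one line in /var/log/ipflog.  The sample below is
#    constructed in the layout ipmon(8) documents for file output:
#      date time ifname @group:rule action src,sport -> dst,dport PR proto ... IN|OUT
#    where the action is "b" for blocked and "p" for passed.
IPFLOG_SAMPLE='05/01/2002 19:10:01.112233 ne0 @0:3 b 10.1.2.3,25 -> 192.168.0.9,49152 PR tcp len 20 60 -S IN
05/01/2002 19:10:04.445566 ne0 @0:1 p 204.152.184.75,80 -> 192.168.0.9,49153 PR tcp len 20 60 -S IN
05/01/2002 19:10:09.778899 ne0 @0:3 b 10.1.2.3,25 -> 192.168.0.9,49154 PR tcp len 20 60 -S IN
05/01/2002 19:10:12.000001 ne0 @0:2 b 10.1.2.3,53 -> 192.168.0.9,49155 PR udp len 20 72 IN'

# blocked_rules HOST: read ipmon lines on stdin and print "group:rule count"
# for every rule that blocked a packet to or from HOST, most hits first.
# HOST is an IP address: ipmon logs numeric addresses unless told otherwise.
blocked_rules() {
    awk -v host="$1" '
        $5 == "b" {
            split($6, src, ",")       # "addr,port" -> addr (ICMP lines carry no port)
            split($8, dst, ",")
            if (src[1] == host || dst[1] == host)
                hits[$4]++            # key is the "@group:rule" field
        }
        END {
            for (r in hits) print substr(r, 2), hits[r]   # drop the leading "@"
        }
    ' | sort -k2,2nr -k1,1
}

# Demo on the constructed sample: what is dropping traffic from 10.1.2.3?
printf '%s\n' "$IPFLOG_SAMPLE" | blocked_rules 10.1.2.3
```

A line such as "0:3 2" means rule 3 of group 0 blocked two packets; the rule text is found by matching that number against the numbered rule list from ipfstat (-inh for the rules that produced "IN" log lines, -onh for "OUT"), which is the lookup the ipmon man page points to. On a live system run it as "blocked_rules 10.1.2.3 < /var/log/ipflog". If ipmon logs through syslog instead of -f, each line gains a syslog prefix and the field numbers in the awk program shift accordingly.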