On Wed, Jun 26, 2002 at 11:29:54AM +0200, Young, Julian wrote:
>       
>   ------          ------         ------
>   |    |          |    |         |    |
>   | A  |----------| B  |---------| C  |
>   |    |          |    |         |    |
>   ------          ------         ------
> 
> What I mean in that I can telnet fron A to B, from B to A , from B to C but
> NOT C to B
> 
> Not if I run ipfilter on B using ipmon can see the packet from C to B as
> being passes using the rules
> 
> pass log first on ex0 from any to any keep state
> pass log first on ex1 from any to any keep state
> 
> Note: this rule is out of my head so the sytax may not be precise but the
> intent is the same just pass and log. i have the same rule on both sides.

Do you have the proper routes on A and C ?
do you have sysctl net.inet.ip.forwarding set to 1 ?

-- 
Manuel Bouyer <bouyer@antioche.eu.org>
--