Hi,

seems like I unserstood something wrong with ipf.

All my config work - beside the very restrictive one on my laptop.

Basically, this is

block in all
block out all
pass out quick on sip0 all keep state

This machine can surf, ssh, mail - but no NFS mount (RPC timeout).

AFAIK, the "keep state" should work for tcp and udp (60 seconds), the 
connection was initiated by laptop - so why the RPC dies? "all" should 
imply icmp, tcp, udp (the firewalled laptop *CAN* ping others).

???

Thanks for any hints
Florian