On Sun, Jan 23, 2005 at 02:14:51PM -0500, Chris Ross wrote:
> 
> related to
> this.  There's no filtering at all applied to icmp.  Hmm, tho, I think 
> I did compile
> the kernel as IPF_BLOCK_DEFAULT.  Does the default block kernel 
> compilation
> *not* log?  That seems odd...

Yes, IPF_BLOCK_DEFAULT doesn't log.

> 
>   Is there any way I can check if the packets are being blocked by ipf? 
>  Can
> I turn it off, without rebooting and/or changing the kernel?  I don't 
> know if
> that module can be dynamically disabled, and since it's not my rules 
> (I'm
> pretty sure) that are the problem, I'd need to disable it in whole...

ipf -D should disable it. Or you can a "pass quick all" at the top of
your rules.

-- 
Manuel Bouyer <bouyer@antioche.eu.org>
     NetBSD: 26 ans d'experience feront toujours la difference
--