Subject: Re: NetBSD 2.0
To: Richard Ibbotson <richard@sheflug.co.uk>
From: David Maxwell <david@vex.net>
List: port-i386
Date: 12/13/2004 01:00:50

On Mon, 13 Dec 2004, Richard Ibbotson wrote:
> Daniel
> 
> > ipftest doesn't look at the kernel, it's a stand-alone tool. You
> > need to tell it -r rule-file, but I suspect you want to be looking
> > at ipfstat -i/-o instead.
> 
> Tried 'ipftest -r /etc/ipf.conf' and found that the command line stood
> still and no output was to be seen. Leads me to think that the
> ipf.conf file may be wrong somewhere but since
> 'ipf -Fa -f /etc/ipf.conf' works fine then I'm not sure what to make of it.

Again, as Dan said, ipftest has nothing to do with the kernel. You need
to read the ipftest manpage. It's waiting for you to type example
packets, and it will tell you how the rules would respond to them.

"       When used without either of -S, -T or -E, ipftest uses its
       own  text input format to generate "fake" IP packets.  The
       format used is as follows:
                 "in"|"out" "on" if ["tcp"|"udp"|"icmp"]
                      srchost[,srcport] dsthost[,destport] [FSRPAU]
"

-- 
David Maxwell, david@vex.net|david@maxwell.net --> 
"Maxwell's Maxim: Sturgeon's Law fails where one person has a bullwhip
and isn't afraid to use it"                     - Martin Loeffler
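
Added example, not part of the original message: a shell sketch that checks fake-packet lines against the text input format quoted from the manpage, then pipes them to `ipftest -r` on standard input, so the command no longer sits waiting for typed packets. The ruleset, the interface name `fxp0`, the addresses and the helper function names are all constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Rules, interface (fxp0) and addresses
# are constructed. Assumption: hosts are limited to dotted-quad IPv4 here.
# Grammar, from the manpage excerpt quoted in the message:
#   "in"|"out" "on" if ["tcp"|"udp"|"icmp"] srchost[,srcport] dsthost[,destport] [FSRPAU]
HOST='([0-9]{1,3}\.){3}[0-9]{1,3}(,[0-9]{1,5})?'
PKT_RE="^(in|out) on [A-Za-z0-9]+( (tcp|udp|icmp))? $HOST $HOST( [FSRPAU]+)?\$"

# Return 0 if the single line in $1 matches the fake-packet format.
valid_pkt_line() {
    printf '%s\n' "$1" | grep -Eq "$PKT_RE"
}

# Read packet lines on stdin and print how many do not match the format.
count_bad_lines() {
    bad=0
    while IFS= read -r line; do
        valid_pkt_line "$line" || bad=$((bad + 1))
    done
    echo "$bad"
}

# Constructed ruleset: block inbound by default, allow new SSH connections.
sample_rules() {
    cat <<'EOF'
block in all
pass in quick on fxp0 proto tcp from any to any port = 22 flags S keep state
EOF
}

# Constructed packets: only the first (SYN to port 22) matches the pass rule.
sample_packets() {
    cat <<'EOF'
in on fxp0 tcp 192.0.2.10,40000 198.51.100.1,22 S
in on fxp0 tcp 192.0.2.10,40001 198.51.100.1,23 S
in on fxp0 udp 192.0.2.10,5353 198.51.100.1,53
in on fxp0 icmp 192.0.2.10 198.51.100.1
EOF
}

# Feed the packets to ipftest on stdin; skipped when ipftest is not installed.
run_ipftest() {
    command -v ipftest >/dev/null 2>&1 || { echo "ipftest not installed" >&2; return 0; }
    rules=$(mktemp) || return 1
    sample_rules > "$rules"
    sample_packets | ipftest -r "$rules"; rc=$?
    rm -f "$rules"; return "$rc"
}
[ "$(sample_packets | count_bad_lines)" -eq 0 ] && run_ipftest
```

Nothing here touches the rules loaded in the kernel; to see those, use `ipfstat -i`/`-o` as suggested earlier in the thread.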