Subject: Re: NetBSD 2.0
To: None <port-i386@netbsd.org>
From: Richard Ibbotson <richard@sheflug.co.uk>
List: port-i386
Date: 12/20/2004 11:15:55
Hi

> "       When used without either of -S, -T or -E, ipftest uses its
>        own  text input format to generate "fake" IP packets.  The
>        format used is as follows:
>                  "in"|"out" "on" if ["tcp"|"udp"|"icmp"]
>                       srchost[,srcport] dsthost[,destport] [FSRPAU]


Found some more time to do some more with this.  If I do 'netstat -rn' 
then I find that the IPF rules are loaded.  A long list of them falls 
down the screen.  I can see "ipfilter=YES" in /etc/rc.conf.  When I 
type 'ipftest -S' into the console I get a reply which is "no rules 
loaded".

So, it would seem that some outward packets are blocked and no 
inward packets are blocked at all.  At least, that's the way it looks 
from here.  Can anyone give me any further advice about where to go 
next? :)

Maybe tech security or tech package is the place where I should be 
asking questions?



-- 
Richard
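
Added example, not part of the original message and not code from ipftest: a small checker for the text input format quoted from the man page above, useful for validating hand-written "fake" packet lines before running them against a rule set. The interface name, the addresses, and the restrictions that ports need tcp/udp and flags need tcp are assumptions of this sketch.

```python
from collections import namedtuple

PROTOS = ("tcp", "udp", "icmp")
TCP_FLAGS = set("FSRPAU")
FakePacket = namedtuple(
    "FakePacket", "direction ifname proto src sport dst dport flags")

def _endpoint(tok, proto):
    """Split host[,port] and validate the port if one is present."""
    host, sep, port = tok.partition(",")
    if not host:
        raise ValueError(f"missing host in {tok!r}")
    if not sep:
        return host, None
    if proto not in ("tcp", "udp"):  # assumption: ports need tcp or udp
        raise ValueError(f"port given without tcp/udp: {tok!r}")
    if not (port.isascii() and port.isdigit() and int(port) <= 65535):
        raise ValueError(f"bad port in {tok!r}")
    return host, int(port)

def parse_line(line):
    """Parse: in|out on if [tcp|udp|icmp] src[,port] dst[,port] [FSRPAU]"""
    tok = line.split()
    if len(tok) < 5 or tok[0] not in ("in", "out") or tok[1] != "on":
        raise ValueError("expected: in|out on <if> [proto] src dst [flags]")
    direction, ifname, rest = tok[0], tok[2], tok[3:]
    proto = rest.pop(0) if rest[0] in PROTOS else None
    if len(rest) not in (2, 3):
        raise ValueError("expected src and dst, then optional flags")
    src, sport = _endpoint(rest[0], proto)
    dst, dport = _endpoint(rest[1], proto)
    flags = rest[2] if len(rest) == 3 else ""
    # assumption: the trailing flag letters are only valid for tcp
    if flags and (proto != "tcp" or not set(flags) <= TCP_FLAGS):
        raise ValueError(f"bad TCP flags {flags!r}")
    return FakePacket(direction, ifname, proto, src, sport, dst, dport, flags)

# Constructed sample input (documentation addresses, made-up interface name).
SAMPLE = """\
in on fxp0 tcp 192.0.2.10,1025 198.51.100.5,22 S
out on fxp0 udp 198.51.100.5,53 192.0.2.10,1026
in on fxp0 icmp 192.0.2.10 198.51.100.5
in on fxp0 tcp 192.0.2.10,99999 198.51.100.5,22 S
"""

def check(text):
    """Return (line number, FakePacket or error string) per non-blank line."""
    results = []
    for n, line in enumerate(text.splitlines(), 1):
        if line.strip():
            try:
                results.append((n, parse_line(line)))
            except ValueError as e:
                results.append((n, f"error: {e}"))
    return results
```

Lines that pass can be saved to a file and given to ipftest with -i, alongside a rules file given with -r.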