Subject: packet filtering bug and a question
To: None <port-mac68k@netbsd.org>
From: David A. Gatwood <dgatwood@mvista.com>
List: port-mac68k
Date: 10/29/1999 23:27:28
I don't know how to check if there's a PR open on this, but it seems like
a pretty significant bug.  When you enable and disable packet filtering,
then reenable it, disabling it a second time consistently results in a
kernel panic.

ftp2$ ipf -D
pfil_list_remove:  no function on list
panic: pfil_list_remove
Stopped in ipf at       _Debugger+0x6:  unlk    a6
db>

Now the question: I'm trying to figure out how to set up a packet filter
to block connections from the outside world to certain ports on the NetBSD
box, i.e. to only have certain services happen on the internal (currently
PPP) interface.  Starting up the machine doesn't reveal any errors about
the rules, but appears to only be installing the default rules.  Further,
running ipf by itself doesn't list any rules (or seem to do much of
anything). Is there a command to list the current packet filters?

David