On Tue, 7 Mar 2006, Johan Ihren wrote:
> No, I'm not offering, unfortunately. ipf has always confused me and I usually 
> turn ot others when I need to get it to do something new. But, on the other 
> hand that means I'm my own proof for the need for such an example ;-)

Put something like

 	block in proto tcp from any to any port = 8000 keep state

into /etc/ipf.conf on dom0 and put "ipfilter=yes" into /etc/rc.conf, and 
see if that helps.

No, I'm not an IPfilter guru but looking at /usr/share/examples/ipfilter 
helps. And fixing the Howto is left to someone else ("send patches")


  - Hubert