Subject: IPFILTER help
To: Christian Fredrickson <fredrick@eng.utah.edu>
From: Gerald C. Simmons <simmons@darykon.cet.com>
List: netbsd-help
Date: 06/05/2002 07:52:24

Try putting in:

block in on ex0 from any to any
block out on ex0 from any to any
block in on ex1 from any to any
block out on ex1 from any to any

This will effectively suppress ALL IP traffic to and from your box.

You can then add exceptions to this list to allow the traffic you want.

Gerry Simmons
simmons@darykon.cet.com


On Tuesday, June 4, Christian Fredrickson wrote:
> 
> I have two Ethernet cards bridged on my NetBSD server. I am testing this
> install with my machine so
>
> Router <----------> Switch <------------> ex0 Bridge ex1 <--------> Hub <---> PC
>
> Now I have also set up IPFILTER and started it on the bridge. My
> /etc/ipfrules.conf contains the following line:
>
> block in on ex0 from any to any
> 
> But I still get all traffic through to my PC. Why? What am I missing?
> 
> Thank you all in advance,
> 
> Chris
> 
>
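
The approach in the reply (block everything on both interfaces, then add exceptions), modelled as an added example that is not part of the original thread. It assumes ipf actually sees the packets on ex0 and ex1 and covers only a small subset of the rule syntax; the SSH exception rules and the helper names are constructed for illustration.

```python
import re

# Simplified subset of ipf rule syntax: enough for the rules quoted in this thread.
RULE = re.compile(
    r"(block|pass)\s+(in|out)\s+(quick\s+)?on\s+(\S+)(?:\s+proto\s+(\S+))?"
    r"\s+from\s+any(?:\s+port\s*=\s*(\d+))?\s+to\s+any(?:\s+port\s*=\s*(\d+))?$")

def parse(text):
    """Turn rule lines into tuples; reject anything outside the modelled subset."""
    rules = []
    for line in filter(None, (l.split("#")[0].strip() for l in text.splitlines())):
        m = RULE.match(line)
        if m is None:
            raise ValueError("unsupported rule: " + line)
        rules.append(m.groups())
    return rules

def decide(rules, direction, ifname, proto, sport, dport, default="pass"):
    """ipf semantics: the LAST matching rule wins, unless a match has 'quick'.
    With no match the default applies (pass, unless the kernel is built to block)."""
    verdict = default
    for action, rdir, quick, rif, rproto, rsport, rdport in rules:
        if (rdir, rif) != (direction, ifname) or rproto not in (None, proto):
            continue
        if rsport not in (None, str(sport)) or rdport not in (None, str(dport)):
            continue
        verdict = action
        if quick:
            break
    return verdict

def forwarded(rules, ingress, egress, proto, sport, dport):
    """A packet crossing the box must pass 'in' on ingress and 'out' on egress."""
    hops = (("in", ingress), ("out", egress))
    return all(decide(rules, d, i, proto, sport, dport) == "pass" for d, i in hops)

DENY_ALL = """
block in on ex0 from any to any
block out on ex0 from any to any
block in on ex1 from any to any
block out on ex1 from any to any
"""
# Constructed exceptions: let hosts behind ex1 reach SSH servers beyond ex0.
# Stateless for simplicity; this model does not track connection state.
SSH_EXCEPTIONS = """
pass in on ex1 proto tcp from any to any port = 22
pass out on ex0 proto tcp from any to any port = 22
pass in on ex0 proto tcp from any port = 22 to any
pass out on ex1 proto tcp from any port = 22 to any
"""
SSH_OUT = DENY_ALL + SSH_EXCEPTIONS  # exceptions go AFTER the blocks
```

Because the last matching rule wins, the same exceptions placed before the four block rules have no effect unless they carry `quick`.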