Subject: IPNat, IPF, and webservers...
To: 'tech-net@netbsd.org' <tech-net@netbsd.org>
From: David Woyciesjes <DAW@yalepress3.unipress.yale.edu>
List: tech-net
Date: 10/20/2000 10:17:03
********Please keep my name in the "Send To" field, because I need to be
approved to join the 'tech-net' apparently. Maybe because the University
uses e-mail address aliases.**********

Gents---
	Happy Friday to everyone! I'm sure this is an easy question.
	I've set up the infamous NetBSD/i386 Firewall from dubbele.com, and
modified it to use RP-PPPoE to connect over the ADSL line. Now, all I want
is to allow http (port 80) traffic thru to machine 10.10.10.10. I've RTFM,
read thru the mail archives, and thought I had the answer (shown below). So
I got that all in and restarted the firewall (BTW, aren't there commands to
renew the ipf and ipnat rules w/o rebooting?), and I can browse to
10.10.10.10 fine (from 10.10.10.2), but when I try to browse to 64.252.39.??
(from 10.10.10.2), I get the "No response, server could be down" message.
Help.

P.S. Does anyone use the redirection service on CJB.net?? 


-----IPNAT.CONF-----
#!/sbin/ipnat -f -
# ex0 - (old ext.) connection to ISP, address 10.10.10.20/32
# ppp0- (new ext.) connection to SNET, DHCP address - 0/32 
# ep0 - (internal) network interface, address 192.168.1.250/32
#
rdr ppp0 0/32 port 80 -> 10.10.10.10 port 80 tcp 
#
map ppp0 10.10.10.0/24 -> 0/32 portmap tcp/udp 40000:60000
map ppp0 10.10.10.0/24 -> 0/32
#
#To make ftp work, using the internal ftp proxy, use:
map ppp0 10.10.10.0/24 -> 0/32 proxy port ftp ftp/tcp
#

-----IPF.CONF-----
#!/sbin/ipf -f -
#
# Prevent IP spoofing.
pass in quick on ppp0 proto tcp from any to 10.10.10.10/32 port = 80
#
block in quick all with short
---   David A Woyciesjes
---   C & IS Support Specialist
---   Yale University Press
---   mailto:david.woyciesjes@yale.edu
---   (203) 432-0953
---   ICQ # - 905818
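Added example, not part of David's post or of IPFilter itself: a small Python model of the one property of ipnat that explains the symptom, namely that an rdr rule is bound to an interface and is only consulted for packets entering on that interface. A request from 10.10.10.2 to the external address enters on ep0, so the rdr on ppp0 never sees it. The addresses 198.51.100.7 (ppp0), 10.10.10.1 (ep0) and 203.0.113.5 (an outside client) are constructed placeholders, since the post elides the real external address.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed interface addresses (placeholders, not from the post).
IFACE_ADDR = {"ppp0": "198.51.100.7", "ep0": "10.10.10.1"}


@dataclass
class Rdr:
    iface: str          # interface the rule is bound to (the word after "rdr")
    dst: str            # destination to match; "0/32" = the interface's own address
    dport: int
    new_dst: str
    new_port: int
    proto: str = "tcp"


@dataclass
class Packet:
    in_iface: str       # interface the packet ENTERS the firewall on
    src: str
    dst: str
    dport: int
    proto: str = "tcp"


def rdr_matches(rule: Rdr, pkt: Packet) -> bool:
    """Simplified ipnat semantics: interface, protocol, port and destination must all match."""
    if (rule.iface, rule.proto, rule.dport) != (pkt.in_iface, pkt.proto, pkt.dport):
        return False
    target = IFACE_ADDR[rule.iface] + "/32" if rule.dst == "0/32" else rule.dst
    return ip_address(pkt.dst) in ip_network(target, strict=False)


def apply_rdr(rules, pkt: Packet):
    """Return (dst, port) after the first matching rdr rule, or unchanged if none matches."""
    for rule in rules:
        if rdr_matches(rule, pkt):
            return rule.new_dst, rule.new_port
    return pkt.dst, pkt.dport


# The single rdr from the posted ipnat.conf.
POSTED_RULES = [Rdr("ppp0", "0/32", 80, "10.10.10.10", 80)]

# A second rdr, bound to ep0 and matching the ppp0 address, is what an
# inside-to-outside-address request would need to be redirected at all.
HAIRPIN_RULES = POSTED_RULES + [Rdr("ep0", IFACE_ADDR["ppp0"] + "/32", 80, "10.10.10.10", 80)]


def from_internet() -> Packet:          # outside client hitting the ppp0 address
    return Packet("ppp0", "203.0.113.5", IFACE_ADDR["ppp0"], 80)


def from_lan_to_external() -> Packet:   # 10.10.10.2 browsing to the external address
    return Packet("ep0", "10.10.10.2", IFACE_ADDR["ppp0"], 80)
```

Redirecting on ep0 alone is usually not enough for a real hairpin, because the web server would then answer 10.10.10.2 directly from 10.10.10.10 while the client expects the reply from the external address; a `map ep0 10.10.10.0/24 -> 0/32` rule is the customary companion so the reply returns through the firewall.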