From owner-freebsd-questions@FreeBSD.ORG  Wed Jun 22 14:31:28 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id AA98116A41C
	for <freebsd-questions@freebsd.org>;
	Wed, 22 Jun 2005 14:31:28 +0000 (GMT)
	(envelope-from freebsd-questions-local@be-well.ilk.org)
Received: from mail26.sea5.speakeasy.net (mail26.sea5.speakeasy.net
	[69.17.117.28]) by mx1.FreeBSD.org (Postfix) with ESMTP id 85AE143D1D
	for <freebsd-questions@freebsd.org>;
	Wed, 22 Jun 2005 14:31:28 +0000 (GMT)
	(envelope-from freebsd-questions-local@be-well.ilk.org)
Received: (qmail 6518 invoked from network); 22 Jun 2005 14:31:28 -0000
Received: from dsl092-078-145.bos1.dsl.speakeasy.net (HELO be-well.ilk.org)
	([66.92.78.145])
	(envelope-sender <freebsd-questions-local@be-well.ilk.org>)
	by mail26.sea5.speakeasy.net (qmail-ldap-1.03) with SMTP
	for <luck@computerking.ca>; 22 Jun 2005 14:31:28 -0000
Received: by be-well.ilk.org (Postfix, from userid 1147)
	id BF88D2B; Wed, 22 Jun 2005 10:31:27 -0400 (EDT)
Sender: lowell@be-well.ilk.org
To: RYAN vAN GINNEKEN <luck@computerking.ca>
To: freebsd-questions@freebsd.org
References: <MIEPLLIBMLEEABPDBIEGEEFEHHAA.fbsd_user@a1poweruser.com>
	<42B89949.7040808@computerking.ca>
From: Lowell Gilbert <freebsd-questions-local@be-well.ilk.org>
Date: 22 Jun 2005 10:31:27 -0400
In-Reply-To: <42B89949.7040808@computerking.ca>
Message-ID: <44d5qejwe8.fsf@be-well.ilk.org>
Lines: 16
User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.3
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: 
Subject: Re: ipf not working correctly???
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: freebsd-questions@freebsd.org
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Jun 2005 14:31:28 -0000

Don't top-post, please.

RYAN vAN GINNEKEN <luck@computerking.ca> writes:

> Thanks but do you have any advice for me rather than fbsd_user

Not much; your message was hard to follow, and the configuration
didn't seem to match the behavior you observed (e.g., ipfilter wasn't
even in the kernel configuration, but seemed to be stopping packets).

Unless you have a specific reason otherwise, follow the other poster's
advice and stick to one firewall configuration.

When you are looking for DNS problems, check from the machine running
the NAT, so that you can separate problems with NAT from problems with
packet filtering.