On Wed, Dec 01, 1999 at 09:19:07PM -0800, Paul Newhouse wrote:
> 
> >You have no ipf rules to force 204.177.156.26 traffic back out ne0.
> 
> This rule:
> 
>   pass out log quick on de1 to ne0 from 24.1.4.202 to any
> 
> seems to work for forcing the packets that came in on ne0 back out ne0
> for other addresses.

That's a very interesting rule that I'll have to examine in more
detail. Without my TCP Illustrated V2 in front of me though, I
can't say for sure which behaviour that will provide.

> The packets don't show up on any interface!?  I don't get it, where do these 
> packets go?  This is weigh/whey/way to weird!! ;(

There are some interesting combinations when multiple packet filters
get installed in different sequences. I'll ask the resident expert.

> This worked on the previous kernel (3-4 months old) this newer kernel is
> strange.  Except fo ip6 it's config'd in the same way.

Ahh. That's key - a change in behaviour vs not working in a new setup.

-- 
David Maxwell, david@vex.net|david@maxwell.net -->
(About an Amiga rendering landscapes) It's not thinking, it's being artistic!
					      - Jamie Woods