pf + kldload

[Jon Simola]

On Fri, 11 Feb 2005 21:29:32 -0700, Anthony Chavez
<acc at anthonychavez.org> wrote:

> However, pfctl shows that no packet evaulations are being performed and
> thus, no packets are being dropped.

On a wild guess (because I had two techs brain-o this one for 6 hours)
have you done "pfctl -e" to turn on pf?

ipfw twiddles the sysctls when it's loaded and starts filtering
immediately, but pf requires manually turning it on. You can load
rulesets and test them for valid syntax without running pf (part
feature, part skill-testing question).

-- 
Jon Simola