ipfw and tun0

[Dirk Gouders]

Hello,

I just started to use an ADSL line with PPPoE and want run a firewall
between it and my local network.  What I am wondering about is that
even if I only have the default everything-blocking rule (deny ip from
any to any) I still see incoming packets on tun0 with tcpdump.

Is this, because the firewall rules get checked after the packets
leave the tun0 interface?  On what interface should I run tcpdump then
to check if my rules are working as expected?

Dirk