I make no secret of my inability to comprehend firewall rules. Sometimes I can just about parse out the meaning of a single line, but mostly it just escapes me. I've read some of the tutorials and I'm now more confused than ever. When I wrote up a firewall for my FreeBSD tutorial, it was basically copied from the included standard docs.

I've googled hard, but can't find a similar example ruleset for NetBSD. Can anyone point me to a fairly current NetBSD firewall tuned for stand-alone dialup?

Bumbler

You can always use IPF.

Fine, but I'm too thick-headed to see how that will help me configure a dialup firewall. What is IPF? The manpage indicates it's just another way of making a firewall. The whole point is that I have zero expertise in even knowing what sorts of rules I should have. All I want is to block everything except responses to what I specifically request. Without some expert guidance, I'm not gonna get there. :)

If I remember correctly, it's about the same syntax as IPFW. You just want to deny all coming in, and allow what you do want coming in. I'll give you some examples later.