<snip>
Yes, I do have 'net.inet.ip.forwarding=1'.
In that case can you post everything? /etc/mygate /etc/pf.conf /etc/hostname.xl0 /etc/hostname.fxp0 run 'sysctl net.inet.ip.forwarding' post your changes to /etc/sysctl.conf run tcpdump add the 'log' keyword to your pf rules, and run 'tcpdump -n -e -ttt -r /var/log/pflog' and throw in a dmesg for good measure. ;) *then* there will be enough information to see what is going on. --Bryan
