
PPP filters

Name: Viz Ozon
Date: October 21, 2002 at 08:58:58 Pacific
OS: FreeBSD 4.4
CPU/Ram: 586/160meg
Comment:

I found a PPP filter example/tutorial on the FreeBSD.org web site. While implementing this, I ran into the following problem:
I cannot access the Web from the FreeBSD box, and cannot retrieve my mail from the ISP either. Interestingly, the Win98 PC (I have a small two-PC Ethernet network) can access all the Internet services (Web, send/receive messages). The FreeBSD box is the Internet (dial-up) gateway. If I remove the ppp filters section, the FreeBSD PC can also access the Web and receive e-mail. Here is my ppp.config file:

################################################################
# PPP Configuration File ('/etc/ppp/ppp.conf')
#
# Default settings; These are always executed when PPP
# is invoked and apply to all system configurations.
################################################################
default:
set device /dev/cuaa0
set speed 57600
disable pred1
deny pred1
disable lqr
deny lqr
set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \"\" ATE1Q0M0 OK-AT-OK\\dATDT\\T TIMEOUT 40 CONNECT"
set redial 3 10
#
# KeepAlive filters
# Don't keep Alive with ICMP,DNS and RIP packet
#
set filter alive 0 deny icmp
set filter alive 1 deny udp src eq 53
set filter alive 2 deny udp dst eq 53
set filter alive 3 deny udp src eq 520
set filter alive 4 deny udp dst eq 520
set filter alive 5 permit 0/0 0/0
#
# Dial Filters:
# Note: ICMP will trigger a dial-out in this configuration!
#
set filter dial 0 permit 0/0 0/0
#
# Allow ident packet pass through
#
set filter in 0 permit tcp dst eq 113
set filter out 0 permit tcp src eq 113
#
# Allow telnet connection to the Internet
#
set filter in 1 permit tcp src eq 23 estab
set filter out 1 permit tcp dst eq 23
#
# Allow ftp access to the Internet
#
set filter in 2 permit tcp src eq 21 estab
set filter out 2 permit tcp dst eq 21
set filter in 3 permit tcp src eq 20 dst gt 1023
set filter out 3 permit tcp dst eq 20
#
# Allow access to DNS lookups
#
set filter in 4 permit udp src eq 53
set filter out 4 permit udp dst eq 53
#
# Allow DNS Zone Transfers
#
set filter in 5 permit tcp src eq 53
set filter out 5 permit tcp dst eq 53
#
# Allow access from/to local network
#
set filter in 6 permit 0/0 192.168.1.0/24
set filter out 6 permit 192.168.1.0/24 0/0
#
# Allow ping and traceroute response
#
set filter in 7 permit icmp
set filter out 7 permit icmp
set filter in 8 permit udp dst gt 33433
set filter out 8 permit udp dst gt 33433
#
# Allow cvsup
#
set filter in 9 permit tcp src eq 5998
set filter out 9 permit tcp dst eq 5998
set filter in 10 permit tcp src eq 5999
set filter out 10 permit tcp dst eq 5999
#
# Allow NTP for Time Synchronization
#
set filter in 11 permit tcp src eq 123 dst eq 123
set filter out 11 permit tcp src eq 123 dst eq 123
set filter in 12 permit udp src eq 123 dst eq 123
set filter out 12 permit udp src eq 123 dst eq 123
#
# SMTP'd be a good idea!
#
set filter in 13 permit tcp src eq 25
set filter out 13 permit tcp dst eq 25
#
#
# We use a lot of `whois`, let's pass that
#
set filter in 14 permit tcp src eq 43
set filter out 14 permit tcp dst eq 43
set filter in 15 permit udp src eq 43
set filter out 15 permit udp dst eq 43
#
# If none of above rules matches, then packet is blocked.

#
#
################################################################
#
# For interactive mode use this configuration:
#
# Invoke with `ppp -alias interactive`
#
################################################################
interactive:
set authname Your_User_ID_On_Remote_System
set authkey Your_Password_On_Remote_System
set phone 1-800-123-4567
set timeout 300
set openmode active
accept chap
#
################################################################
#
# For demand-dial (automatic) mode we'll use this configuration:
#
# Invoke with: 'ppp -auto -alias demand'
#
################################################################
demand:
set authname Your_User_ID_On_Remote_System
set authkey Your_Password_On_Remote_System
set phone 1-800-123-4567
set timeout 300
set openmode active
accept chap
set ifaddr 127.1.1.1/0 127.2.2.2/0 255.255.255.0
add 0 0 127.2.2.2
################################################################
# End of /etc/ppp/ppp.conf


Can someone tell me how I can modify this file so FreeBSD can also surf the net and send/receive messages?

Thanks.
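
An added example, not part of the original post: a small first-match evaluator run over a subset of the "out" rules above, showing which rule a packet hits. It assumes the filter sees the LAN host's 192.168.1.x address; the packets, the 198.51.100.7 link address and rule 16 are constructed for illustration.

```python
import ipaddress

# "out" rules copied from the post's ppp.conf (subset; the rest are omitted)
OUT_RULES = """\
set filter out 0 permit tcp src eq 113
set filter out 1 permit tcp dst eq 23
set filter out 2 permit tcp dst eq 21
set filter out 4 permit udp dst eq 53
set filter out 6 permit 192.168.1.0/24 0/0
set filter out 13 permit tcp dst eq 25
"""
# Hypothetical extra rule (not in the post): next free rule number, HTTP out
HTTP_FIX = "set filter out 16 permit tcp dst eq 80\n"

# Constructed sample packets: same destination, different source host
LAN_HTTP = {"src": "192.168.1.2", "dst": "203.0.113.10", "proto": "tcp", "src_port": 40000, "dst_port": 80}
GW_HTTP = {"src": "198.51.100.7", "dst": "203.0.113.10", "proto": "tcp", "src_port": 40001, "dst_port": 80}

CMP = {"eq": lambda a, b: a == b, "gt": lambda a, b: a > b, "lt": lambda a, b: a < b}

def parse(line):
    """Parse one 'set filter' line: addr/width pairs, protocol, port tests only."""
    tok = line.split()
    rule = {"n": int(tok[3]), "action": tok[4], "nets": [], "proto": None, "ports": []}
    rest = tok[5:]
    while rest and "/" in rest[0]:                       # optional src, then dst network
        net = rest.pop(0)
        rule["nets"].append(ipaddress.ip_network("0.0.0.0/0" if net == "0/0" else net))
    if rest:
        rule["proto"] = rest.pop(0)
    while len(rest) >= 3 and rest[0] in ("src", "dst"):  # e.g. "dst eq 80"
        rule["ports"].append((rest[0], rest[1], int(rest[2])))
        rest = rest[3:]
    return rule

def matches(rule, pkt):
    for net, key in zip(rule["nets"], ("src", "dst")):
        if ipaddress.ip_address(pkt[key]) not in net:
            return False
    if rule["proto"] and rule["proto"] != pkt["proto"]:
        return False
    return all(CMP[op](pkt[side + "_port"], val) for side, op, val in rule["ports"])

def verdict(rules_text, pkt):
    """Lowest-numbered matching rule wins; no match means the packet is blocked."""
    rules = sorted((parse(l) for l in rules_text.splitlines() if l.strip()), key=lambda r: r["n"])
    for rule in rules:
        if matches(rule, pkt):
            return rule["action"], rule["n"]
    return "deny", None
```

`verdict(OUT_RULES, LAN_HTTP)` is permitted by the catch-all rule 6, while `verdict(OUT_RULES, GW_HTTP)` matches nothing and is blocked until a port-specific rule such as `HTTP_FIX` is present. Return traffic needs the mirror rule on the "in" filter in the same style as the post's telnet pair (for example `set filter in 16 permit tcp src eq 80 estab`), and mail retrieval needs the equivalent pair for the mail port in use.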
