Here's some background - running a BSD box for my router & firewall..
VFX would work really well on all outgoing calls ..
Incoming calls were very very odd: it would accept incoming calls for about 2-3 mins after I made an external call, but after that it wouldn't connect anything until I made an external call.
So after a morning of testing every 2-10 mins I thought I had enough info for it to be conclusive that I've got an issue.
So off I trotted to Phil with a horribly formatted Private Message (sorry Phil) - it looked readable when I typed it up in Word; it wasn't until I looked at my sentbox that I saw how nasty it would have looked when you saw it. Anyways, back on topic.
Phil promptly replied with a call sequence diagram showing me exactly where the problem was - it of course was with our router / firewall .. apparently it's happened a couple of times with other people's setups too..
So here goes...
It's a PPPoE connection I'm running on...
so I have to run a tun0 to get a PPP connection, with the following rules in ipf.rules:
pass out quick on tun0 proto tcp/udp from (internal ip of pap2t device) to any keep state //allows me to make outbound connections without any problems (at least this works properly)...
//now for incoming
pass in quick on tun0 proto udp from (VFX ip address) to (routers ip address) port (lower port range) >< (upper port range) keep state
pass in quick on tun0 proto udp from (VFX ip address) to (routers ip address) port (lower port range) >< (upper port range data) keep state
Then there's the ipnat.rules...
rdr tun0 (VFX ip address)/32 port (port1) -> (device ip address)/32 port (port1) udp
rdr tun0 (VFX ip address)/32 port (port2) -> (device ip address)/32 port (port2) udp // do this for all ports because the >< range doesn't work in ipnat.rules for rdr
But alas this has not solved the problem completely. Anyone with more ideas about ipf & BSD that can shed some light on this?