Installed BM37+NW6sp3 server with 5 nics, one public (static+dynamicnat), 3 with private ip-addresses and one (not natted) to dmz. Also
installed patches and other stuff as Craig's webpage told.
Problem1: Only stateful filters work. Why? Is it because of NAT?
Problem2: Default rules made by BM install leave the public interface

very unprotected. Why? Port scanner told me some ports were blocked
but not all. Afaik deny all means that every byte is dropped..
Problem3: When I make blocking rule with interface names in rule it
will block ALL TRAFFIC in all interfaces except those ports that haveallow rules to all interfaces. Stupid I would say.. I mean this way:
Allow icmp from all interaces to all interfaces
Deny all from PUBLIC to ANY
Allow all from PRIVATE1 to ANY
Result: Only ping & traceroute works from private1 network. Why?
Problem4: Server freezes after BRDSTOP when unloading proxycfg. Thisis the smallest of my problems since i'm not using the proxy until I
get other probs fixed.
Problem5: Default route to internet does not work. Well it works nowafter I modified netinfo.cfg to bind public nic first. It should not
be that hard to get packets to right interface...
If you have any ideas you know what to do.. ;>