On Thu, Nov 20, 2003 at 10:49:12AM -0600, Jason Bradley Nance wrote: > Hello, > I'm having some issues with pings getting blocked... > > I have allowed ICMP for all connections.
How are you attempting to allow the ICMP traffic? This should be: ALLOWED_PROTOCOLS="0/0(1)" > 'lo' is a trusted interface. > > But when I try to ping I get this: > > ping: sendmsg: Operation not permitted > > And my log spits out this: > > Nov 20 10:46:52 srcenter kernel: FW: Mangle-OUTPUT IN= OUT=lo > SRC=192.168.0.11 DST=192.168.0.11 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=0 > DF PROTO=ICMP TYPE=8 CODE=0 ID=24627 SEQ=3 > > 192.168.0.11 is a CIPE device (cipcb0). I have listed it as trusted as > well. I would start by looking at the output of firewall status, specifically the mangle-OUTPUT table. For some reason the above packet is not meeting any rule with an ACCEPT target. In order for it to be logged this way with the firewall running normally with loggging enabled the packet would need to reach the bottom of that chain, at which time it would be logged and then subjected to the default policy (DROP). -- Jamin W. Collins To be nobody but yourself when the whole world is trying it's best night and day to make you everybody else is to fight the hardest battle any human being will fight. -- E.E. Cummings
