If you compiled the kernel with the "option IPFIREWALL" you must configure an firewall or else packets will not pass through. Add the following lines to your /etc/rc.conf file firewall_enable="YES" firewall_type="open" firewall_script="/etc/rc.firewall"
or if you want to do it without rebooting # ipfw add pass all from any to any You should then customise your firewall script to your needs as this setup is insecure. ----- Original Message ----- From: "Derrick Ryalls" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, September 30, 2002 3:06 AM Subject: 4.7 RC problem > First time posting here, and I didn't see the topic before, so here it > goes... > > I agree to help my brother set up a new bsd box six hours away, doing > everything remotely once there is network access to the box. After some > hardware issues were resolved, I did a cvsup to get everything up to > date and ready for a kernel compile. The o/s will eventually be used as > a router, but for now it has just one nic. > > cvsup goes fine, and I start the buildworld. No errors through the > whole process, so I reboot to switch to the new kernel. The machine is > now dead to me, it won't respond to pings/ssh/begging. On site, the box > is running, and my brother can log in fine (directly, not via ssh). > When I ask him to ping around or even ping localhost, it comes up with > "ping: sendto: permission denied". He also can't even ssh out. This > looks like a permissions/firewall issue, but he is logging in as root, > and there is no firewall active. The kernel does have settings for > routing, but nothing is activated in rc.conf. Has anyone heard of this > sort of error? At this point, we can't even hope for a fix later and > just cvsup it when it comes out, the only other option is to toast the > machine completely and go with an earlier revision and not cvsup. > > -Derrick > > > > To Unsubscribe: send mail to [EMAIL PROTECTED] > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message
