On 2002-09-30 00:06, Derrick Ryalls <[EMAIL PROTECTED]> wrote:
> After some hardware issues were resolved, I did a cvsup to get
> everything up to date and ready for a kernel compile. The o/s will
> eventually be used as a router, but for now it has just one nic.
> cvsup goes fine, and I start the buildworld. No errors through the
> whole process, so I reboot to switch to the new kernel. The machine is
> now dead to me, it won't respond to pings/ssh/begging. On site, the box
> is running, and my brother can log in fine (directly, not via ssh).
> When I ask him to ping around or even ping localhost, it comes up with
> "ping: sendto: permission denied".
This is definitely a firewall, although not very obvious which one of
them all :-)
The message is identical to what happens when I load the ipfw.ko
module (one of the firewalls available for FreeBSD) without
configuring any rules to allow some traffic through the firewall.
See the sample transcript below (note that I am running all the
commands as `root', the superuser):
root@hades[02:39]/root# kldload ipfw
ipfw2 initialized, divert disabled, rule-based forwarding enabled, default to
deny, logging disabled
root@hades[02:41]/root# ping 127.0.0.1
PING 127.0.0.1 (127.0.0.1): 56 data bytes
ping: sendto: Permission denied
^C
root@hades[02:42]/root# ipfw add 1 pass ip from any to any
00001 allow ip from any to any
root@hades[02:42]/root# ping 127.0.0.1
PING 127.0.0.1 (127.0.0.1): 56 data bytes
64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=1.084 ms
^C
You have obviously enabled one of the firewalls, in your new kernel
config but didn't configure anything to let packets through before
rebooting. Does your kernel config include any of the following?
options IPFIREWALL #firewall
options IPFILTER #ipfilter support
Giorgos.
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message
