After upgrading a -CURRENT box from the April 19 version to one
from yesterday, ping on that box seems to be broken. (I noticed the
behavior today; I don't know whether it's directly related to the
upgrade or not.)
Specifically:
huff@>> netstat -rn -f inet
Routing tables
Internet:
Destination Gateway Flags Refs Use Netif Expire
default 209.6.22.1 UGS 0 1917213 em0
10.0.0.0/8 link#2 UC 0 0 em1
10.0.0.1 00:0e:0c:a8:a7:e9 UHLW 1 38374 lo0
10.255.255.255 ff:ff:ff:ff:ff:ff UHLWb 1 267 em1
127.0.0.1 127.0.0.1 UH 0 272685 lo0
209.6.22.0/23 link#1 UC 0 0 em0
209.6.22.1 00:0d:66:25:50:01 UHLW 2 25 em0 1196
209.6.22.188 00:0e:0c:a8:a7:e8 UHLW 1 6 lo0
209.6.23.255 ff:ff:ff:ff:ff:ff UHLWb 1 267 em0
huff@>> ping 209.6.22.188
PING 209.6.22.188 (209.6.22.188): 56 data bytes
64 bytes from 209.6.22.188: icmp_seq=0 ttl=64 time=0.075 ms
64 bytes from 209.6.22.188: icmp_seq=1 ttl=64 time=0.093 ms
64 bytes from 209.6.22.188: icmp_seq=2 ttl=64 time=0.086 ms
64 bytes from 209.6.22.188: icmp_seq=3 ttl=64 time=0.078 ms
64 bytes from 209.6.22.188: icmp_seq=4 ttl=64 time=0.090 ms
huff@>> ping 209.6.22.1
PING 209.6.22.1 (209.6.22.1): 56 data bytes
^C
--- 209.6.22.1 ping statistics ---
10 packets transmitted, 0 packets received, 100.0% packet loss
I have a firewall; rules are appended.
The wierd part is other connectivity works: I can ftp,
web-surf, telnet, etc..
Any ideas on what's broken?
Robert Huff
�
00100 630662 280315972 allow ip from any to any via lo0
00200 0 0 deny ip from any to 127.0.0.0/8
00300 0 0 deny ip from 127.0.0.0/8 to any
00350 11780 5065589 allow udp from any 67-68 to any dst-port 67-68
00600 0 0 allow ip6 from any to any via lo0
00610 0 0 deny ip6 from any to ::1
00620 0 0 deny ip6 from ::1 to any
00630 36 2304 allow ip6 from :: to ff02::/16 proto ipv6-icmp
00640 0 0 allow ip6 from fe80::/10 to fe80::/10 proto ipv6-icmp
00650 47 3384 allow ip6 from fe80::/10 to ff02::/16 proto ipv6-icmp
00660 0 0 allow ip6 from 2001:db8:2:1::1 to 2001:db8:2:1::/64
00670 0 0 allow ip6 from 2001:db8:2:1::/64 to 2001:db8:2:1::1
00680 0 0 allow ip6 from fe80::/10 to ff02::/16
00690 0 0 allow ip6 from 2001:db8:2:1::/64 to ff02::/16
00700 0 0 allow ip6 from any to any established proto tcp
00710 0 0 allow ip6 from any to any frag
00720 0 0 allow ip6 from any to 2001:db8:2:1::1 dst-port 25
setup proto tcp
00730 0 0 allow ip6 from 2001:db8:2:1::1 to any setup proto tcp
00740 4 320 deny ip6 from any to any setup proto tcp
00750 0 0 allow ip6 from any 53 to 2001:db8:2:1::1 proto udp
00760 0 0 allow ip6 from 2001:db8:2:1::1 to any dst-port 53
proto udp
00770 0 0 allow ip6 from any 123 to 2001:db8:2:1::1 proto udp
00780 0 0 allow ip6 from 2001:db8:2:1::1 to any dst-port 123
proto udp
00790 0 0 allow ip6 from any to any ip6 icmp6types 1 proto
ipv6-icmp
00800 1415 90560 allow ip6 from any to any ip6 icmp6types 2,135,136
proto ipv6-icmp
06000 0 0 deny log logamount 100 tcp from any to any dst-port
137 in via em0
06050 32 3000 deny log logamount 100 udp from any to any dst-port
137 in via em0
06100 0 0 deny log logamount 100 tcp from any to any dst-port
138 in via em0
06150 235 56158 deny log logamount 100 udp from any to any dst-port
138 in via em0
06200 0 0 deny log logamount 100 tcp from any to any dst-port
139 in via em0
06250 0 0 deny log logamount 100 udp from any to any dst-port
139 in via em0
07000 0 0 deny log logamount 100 tcp from any to any dst-port
111 in via em0
07050 0 0 deny log logamount 100 udp from any to any dst-port
111 in via em0
07100 0 0 deny log logamount 100 tcp from any to any dst-port
530 in via em0
07150 0 0 deny log logamount 100 udp from any to any dst-port
530 in via em0
07200 0 0 deny log logamount 100 tcp from any to any dst-port
161 in recv em0
07225 0 0 deny log logamount 100 udp from any to any dst-port
161 in recv em0
07250 0 0 deny log logamount 100 tcp from any to any dst-port
162 in recv em0
07275 0 0 deny log logamount 100 udp from any to any dst-port
162 in recv em0
07300 0 0 deny log logamount 100 tcp from any to any dst-port 194
07310 0 0 deny log logamount 100 udp from any to any dst-port 194
07320 0 0 deny log logamount 100 tcp from any to any dst-port 529
07330 0 0 deny log logamount 100 udp from any to any dst-port 529
07340 0 0 deny log logamount 100 tcp from any to any dst-port 994
07350 0 0 deny log logamount 100 udp from any to any dst-port 994
07360 0 0 deny log logamount 100 tcp from any to any dst-port
6667
07370 23 2341 deny log logamount 100 udp from any to any dst-port
6667
10000 2229463 1617354881 allow tcp from any to any established
10100 631216 58860463 allow ip from any to any out via em0
10200 0 0 allow tcp from 10.0.0.0/8 to any dst-port 80
10300 0 0 allow tcp from any 80 to any dst-port 1024-65535 via
em0
10400 0 0 allow tcp from any 443 to any dst-port 1024-65535 via
em0
10500 0 0 deny log logamount 100 tcp from any 1024-65535 to any
dst-port 80 via em0
10600 0 0 deny log logamount 100 tcp from any 1024-65535 to any
dst-port 443 via em0
65000 776246 50780785 allow ip from any to any
65535 122 7329 deny ip from any to any
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
