From owner-freebsd-questions@FreeBSD.ORG Thu Mar 29 18:52:55 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 03AD916A402 for ; Thu, 29 Mar 2007 18:52:55 +0000 (UTC) (envelope-from iaccounts@ibctech.ca) Received: from pearl.ibctech.ca (pearl.ibctech.ca [208.70.104.210]) by mx1.freebsd.org (Postfix) with ESMTP id 9068413C44C for ; Thu, 29 Mar 2007 18:52:54 +0000 (UTC) (envelope-from iaccounts@ibctech.ca) Received: (qmail 68859 invoked by uid 1002); 29 Mar 2007 18:52:54 -0000 Received: from iaccounts@ibctech.ca by pearl.ibctech.ca by uid 89 with qmail-scanner-1.22 (spamassassin: 2.64. Clear:RC:1(208.113.63.132):. Processed in 10.27681 secs); 29 Mar 2007 18:52:54 -0000 Received: from unknown (HELO ?192.168.1.242?) (steve@ibctech.ca@208.113.63.132) by pearl.ibctech.ca with SMTP; 29 Mar 2007 18:52:42 -0000 Message-ID: <460C0A77.9060901@ibctech.ca> Date: Thu, 29 Mar 2007 14:50:31 -0400 From: Steve Bertrand User-Agent: Thunderbird 1.5.0.10 (Windows/20070221) MIME-Version: 1.0 To: Michael Grant References: <62b856460703291029m23a33b2dt1f2453f74bf6cf4a@mail.gmail.com> <20070329133404.8092bd13.wmoran@potentialtech.com> <62b856460703291128q134f0caaxf201cd87dbe8b1a9@mail.gmail.com> In-Reply-To: <62b856460703291128q134f0caaxf201cd87dbe8b1a9@mail.gmail.com> X-Enigmail-Version: 0.94.2.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: FreeBSD Questions Subject: Re: ping X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Mar 2007 18:52:55 -0000 Michael Grant wrote: > I'm fairly sure the problem is not in ipf, something I've been running > for years on other machines. If run ipmon, it shows me what's being > blocked and by which rule. Pings are not being blocked by ipf. > > The relevent ipf rules are: > > block in log on em0 all head 100 > pass in quick proto icmp from any to any keep frags group 100 > block out on em0 all head 200 > pass out quick proto icmp all keep state keep frags group 200 > > ipfw, which I didn't really intend on using but it seems to be enabled > anyway, I have this: > > 10000 allow icmp from any to any icmptypes 8 out > 10100 allow icmp from any to any icmptypes 0 in > 10200 allow icmp from any to any icmptypes 11 in > 65535 allow ip from any to any > > Is there an equivalent of ipmon for ipfw? # ipfw show Also, during your tcpdump, did you see the icmp replies going back out, or just coming in? Steve