Date: Thu, 17 Jul 2008 11:03:45 -0400 From: Robert Huff <roberthuff@rcn.com> To: questions@freebsd.org Subject: can't ping Message-ID: <18559.24401.117836.697784@jerusalem.litteratus.org>
next in thread | raw e-mail | index | archive | help
After upgrading a -CURRENT box from the April 19 version to one from yesterday, ping on that box seems to be broken. (I noticed the behavior today; I don't know whether it's directly related to the upgrade or not.) Specifically: huff@>> netstat -rn -f inet Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 209.6.22.1 UGS 0 1917213 em0 10.0.0.0/8 link#2 UC 0 0 em1 10.0.0.1 00:0e:0c:a8:a7:e9 UHLW 1 38374 lo0 10.255.255.255 ff:ff:ff:ff:ff:ff UHLWb 1 267 em1 127.0.0.1 127.0.0.1 UH 0 272685 lo0 209.6.22.0/23 link#1 UC 0 0 em0 209.6.22.1 00:0d:66:25:50:01 UHLW 2 25 em0 1196 209.6.22.188 00:0e:0c:a8:a7:e8 UHLW 1 6 lo0 209.6.23.255 ff:ff:ff:ff:ff:ff UHLWb 1 267 em0 huff@>> ping 209.6.22.188 PING 209.6.22.188 (209.6.22.188): 56 data bytes 64 bytes from 209.6.22.188: icmp_seq=0 ttl=64 time=0.075 ms 64 bytes from 209.6.22.188: icmp_seq=1 ttl=64 time=0.093 ms 64 bytes from 209.6.22.188: icmp_seq=2 ttl=64 time=0.086 ms 64 bytes from 209.6.22.188: icmp_seq=3 ttl=64 time=0.078 ms 64 bytes from 209.6.22.188: icmp_seq=4 ttl=64 time=0.090 ms huff@>> ping 209.6.22.1 PING 209.6.22.1 (209.6.22.1): 56 data bytes ^C --- 209.6.22.1 ping statistics --- 10 packets transmitted, 0 packets received, 100.0% packet loss I have a firewall; rules are appended. The wierd part is other connectivity works: I can ftp, web-surf, telnet, etc.. Any ideas on what's broken? Robert Huff 00100 630662 280315972 allow ip from any to any via lo0 00200 0 0 deny ip from any to 127.0.0.0/8 00300 0 0 deny ip from 127.0.0.0/8 to any 00350 11780 5065589 allow udp from any 67-68 to any dst-port 67-68 00600 0 0 allow ip6 from any to any via lo0 00610 0 0 deny ip6 from any to ::1 00620 0 0 deny ip6 from ::1 to any 00630 36 2304 allow ip6 from :: to ff02::/16 proto ipv6-icmp 00640 0 0 allow ip6 from fe80::/10 to fe80::/10 proto ipv6-icmp 00650 47 3384 allow ip6 from fe80::/10 to ff02::/16 proto ipv6-icmp 00660 0 0 allow ip6 from 2001:db8:2:1::1 to 2001:db8:2:1::/64 00670 0 0 allow ip6 from 2001:db8:2:1::/64 to 2001:db8:2:1::1 00680 0 0 allow ip6 from fe80::/10 to ff02::/16 00690 0 0 allow ip6 from 2001:db8:2:1::/64 to ff02::/16 00700 0 0 allow ip6 from any to any established proto tcp 00710 0 0 allow ip6 from any to any frag 00720 0 0 allow ip6 from any to 2001:db8:2:1::1 dst-port 25 setup proto tcp 00730 0 0 allow ip6 from 2001:db8:2:1::1 to any setup proto tcp 00740 4 320 deny ip6 from any to any setup proto tcp 00750 0 0 allow ip6 from any 53 to 2001:db8:2:1::1 proto udp 00760 0 0 allow ip6 from 2001:db8:2:1::1 to any dst-port 53 proto udp 00770 0 0 allow ip6 from any 123 to 2001:db8:2:1::1 proto udp 00780 0 0 allow ip6 from 2001:db8:2:1::1 to any dst-port 123 proto udp 00790 0 0 allow ip6 from any to any ip6 icmp6types 1 proto ipv6-icmp 00800 1415 90560 allow ip6 from any to any ip6 icmp6types 2,135,136 proto ipv6-icmp 06000 0 0 deny log logamount 100 tcp from any to any dst-port 137 in via em0 06050 32 3000 deny log logamount 100 udp from any to any dst-port 137 in via em0 06100 0 0 deny log logamount 100 tcp from any to any dst-port 138 in via em0 06150 235 56158 deny log logamount 100 udp from any to any dst-port 138 in via em0 06200 0 0 deny log logamount 100 tcp from any to any dst-port 139 in via em0 06250 0 0 deny log logamount 100 udp from any to any dst-port 139 in via em0 07000 0 0 deny log logamount 100 tcp from any to any dst-port 111 in via em0 07050 0 0 deny log logamount 100 udp from any to any dst-port 111 in via em0 07100 0 0 deny log logamount 100 tcp from any to any dst-port 530 in via em0 07150 0 0 deny log logamount 100 udp from any to any dst-port 530 in via em0 07200 0 0 deny log logamount 100 tcp from any to any dst-port 161 in recv em0 07225 0 0 deny log logamount 100 udp from any to any dst-port 161 in recv em0 07250 0 0 deny log logamount 100 tcp from any to any dst-port 162 in recv em0 07275 0 0 deny log logamount 100 udp from any to any dst-port 162 in recv em0 07300 0 0 deny log logamount 100 tcp from any to any dst-port 194 07310 0 0 deny log logamount 100 udp from any to any dst-port 194 07320 0 0 deny log logamount 100 tcp from any to any dst-port 529 07330 0 0 deny log logamount 100 udp from any to any dst-port 529 07340 0 0 deny log logamount 100 tcp from any to any dst-port 994 07350 0 0 deny log logamount 100 udp from any to any dst-port 994 07360 0 0 deny log logamount 100 tcp from any to any dst-port 6667 07370 23 2341 deny log logamount 100 udp from any to any dst-port 6667 10000 2229463 1617354881 allow tcp from any to any established 10100 631216 58860463 allow ip from any to any out via em0 10200 0 0 allow tcp from 10.0.0.0/8 to any dst-port 80 10300 0 0 allow tcp from any 80 to any dst-port 1024-65535 via em0 10400 0 0 allow tcp from any 443 to any dst-port 1024-65535 via em0 10500 0 0 deny log logamount 100 tcp from any 1024-65535 to any dst-port 80 via em0 10600 0 0 deny log logamount 100 tcp from any 1024-65535 to any dst-port 443 via em0 65000 776246 50780785 allow ip from any to any 65535 122 7329 deny ip from any to any
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?18559.24401.117836.697784>