From: "William Knechtel"
To: freebsd-net@freebsd.org
Date: Tue, 29 Jul 2003 18:56:25 -0600
Message-ID: <000701c35635$66bdb530$c5ccead8@ONESIMUS>
Subject: Help with FreeBSD Bridged Firewall

Hello! Help!!

I'm running a PC with dual NICs and FreeBSD 4.8 for a bridged firewall. I've got a private IP 10.0.0.1 tied to the internal card on the box for remote management. The firewall blocks any 10.x traffic coming in on the external card, so to remotely admin it, I have to shell into a machine on the same isolated network segment that it's on, and then shell over from that machine.

Today around noon, the machine suddenly stopped responding to pings. I went down to the server room and couldn't find anything wrong. No notes on the console screen, no anomalous entries in the security or message logs. So, in the interest of getting it back up quickly, I rebooted it. That worked.
About an hour later, the same thing happened... my network monitor tells me that it's not responding to pings. So before I go down to the server room, I run a few tests... the firewall is still blocking packets like a champ. I run nmap against a host the firewall protects, and everything comes back fine. But when I go downstairs to the console, I can't ping out to its 10.0.0.2 buddy, and no incoming pings work either.

I'm at a loss on how to troubleshoot this, folks. I could really use a few ideas, so please send them along!

Thanks in Advance!
Bill