From owner-freebsd-security Tue Jul 10 4:17:39 2001 Delivered-To: freebsd-security@freebsd.org Received: from void.xpert.com (xpert.com [199.203.132.1]) by hub.freebsd.org (Postfix) with ESMTP id D166437B403 for ; Tue, 10 Jul 2001 04:17:33 -0700 (PDT) (envelope-from Yonatan@xpert.com) Received: from mailserv.xpert.com ([199.203.132.135]) by void.xpert.com with esmtp (Exim 3.20 #1) id 15JuXb-0006e5-00; Tue, 10 Jul 2001 13:14:51 +0300 Received: by mailserv.xpert.com with Internet Mail Service (5.5.2650.21) id <3GHBYW8R>; Tue, 10 Jul 2001 14:16:48 +0300 Message-ID: From: Yonatan Bokovza To: 'Francisco Reyes' , "Nickolay A. Kritsky" Cc: freebsd-security@freebsd.org Subject: RE: Cant ping/nslookup Date: Tue, 10 Jul 2001 14:16:48 +0300 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hey, Disclaimer: I'm not familiar with your network topology, Which seems to be not trivial if you have more then one NIC (fxp0 and ed0), hence I might be wrong. :) Your problem as I see it is that you can't communicate with your DNS, so you can't resolve freebsd.org, so you can't ping it. Try pinging 216.136.204.21, that's the resolved address. Your Firewall defaults to "deny". That's a good thing. However, due to your "grep deny" I don't see any rule that explicitly allows you to communicate with the rest of the world, or your DNS for that matter. I can help you off-list if you'd mail me the entire rulebase and a your network topology. Best Regards, Yonatan Bokovza IT Security Consultant Xpert Systems > -----Original Message----- > From: Francisco Reyes [mailto:lists@natserv.com] > Sent: Tuesday, July 10, 2001 13:24 > To: Nickolay A. Kritsky > Cc: freebsd-security@freebsd.org > Subject: Re: Cant ping/nslookup > > > On Tue, 10 Jul 2001, Nickolay A. Kritsky wrote: > > Pinging 160.79.54.10 with 32 bytes of data: > Request timed out. > Ping statistics for 160.79.54.10: > Packets: Sent = 4, Received = 0, Lost = 4 (100% loss), > > c:\>nslookup freebsd.org > DNS request timed out. > timeout was 2 seconds. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message