From owner-freebsd-questions@FreeBSD.ORG Thu Jan 12 17:00:07 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3BA8316A41F for ; Thu, 12 Jan 2006 17:00:07 +0000 (GMT) (envelope-from nalists@scls.lib.wi.us) Received: from mail.scls.lib.wi.us (mail.scls.lib.wi.us [198.150.40.25]) by mx1.FreeBSD.org (Postfix) with ESMTP id D3D5043D46 for ; Thu, 12 Jan 2006 17:00:06 +0000 (GMT) (envelope-from nalists@scls.lib.wi.us) Received: from [172.26.2.238] ([172.26.2.238]) by mail.scls.lib.wi.us (8.12.9p2/8.12.9) with ESMTP id k0CH04R4077467; Thu, 12 Jan 2006 11:00:04 -0600 (CST) (envelope-from nalists@scls.lib.wi.us) Message-ID: <43C68B13.5020001@scls.lib.wi.us> Date: Thu, 12 Jan 2006 11:00:03 -0600 From: Greg Barniskis User-Agent: Mozilla Thunderbird 1.0.7 (Windows/20050923) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Martin McCormick References: <200601121635.k0CGZ2hn025757@dc.cis.okstate.edu> In-Reply-To: <200601121635.k0CGZ2hn025757@dc.cis.okstate.edu> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org Subject: Re: Strange Failure Mode in FreeBSD 4.11 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Jan 2006 17:00:07 -0000 Martin McCormick wrote: > I built a FreeBSD 4.11 system recently which is to be remotely > installed in another town. The system worked on our network while I > tested it and installed several ports, etc. We then moved it to the > town where it is supposed to live and now, there's big trouble. > > The Ethernet interface, known as em0 on this system, comes up > According to all the messages. If, however, you try to use it, it is > as dead as a stone. If I try to ping the local host from root, I get this: > > ping: sendto: Permission denied > ping: sendto: Permission denied > ping: sendto: Permission denied > > I get the same response when trying to ping real hosts over > the network. This smells like ipfw denial -- at least, that is the exact same message I get on a box where ICMP is blocked by ipfw rules. When it shipped, did your new box go into an IP range for which ipfw rules (or other filter) would apply, where maybe they did not previously apply on your build/test network? > Pinging that system from a known good system is like pinging a > disconnected Ethernet jack in that absolutely nothing happens. If I'm right, you'll see that something happens, in at least the target IP address is ARPed for and you should see the target's MAC in the arp table on the known good system, even if the pings never return. That should at least give you confidence that the NIC in question is functioning insofar as it responds to an ARP request. tcpdump is possibly your friend as well here. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) , (608) 266-6348