From owner-freebsd-net Fri Sep 7 12:51:53 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail.gmx.net (mail.gmx.net [213.165.64.20]) by hub.freebsd.org (Postfix) with SMTP id BA82E37B408 for ; Fri, 7 Sep 2001 12:51:50 -0700 (PDT) Received: (qmail 6413 invoked by uid 0); 7 Sep 2001 19:51:49 -0000 Received: from pd901422e.dip.t-dialin.net (HELO thibaultbautze) (217.1.66.46) by mail.gmx.net (mp005-rz3) with SMTP; 7 Sep 2001 19:51:49 -0000 Message-ID: <005c01c137d6$e7ea3720$817b7b7b@my.network.net> From: "Thibault Bautze" To: Subject: Re: nat problems Date: Fri, 7 Sep 2001 21:54:29 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org ----- Original Message ----- > > I found that you cannot ping this sites, even if I'm sitting on the firewall > > or connectet with my > > windows box directly to the internet. > > Here is the result for a ping: > > > > # ping www.gmx.de > > PING www.gmx.de (213.165.65.100): 56 data bytes > > 36 bytes from 62.156.128.226: Communication prohibited by filter > > Vr HL TOS Len ID Flg off TTL Pro cks Src Dst > > 4 5 00 5400 00ff 0 0000 fa 01 8d4c 217.1.yy.xx 213.165.65.100 > > --- www.gmx.de ping statistics --- > > 16 packets transmitted, 0 packets received, 100% packet loss > > > > 62.156.128.226 is in this case the other side of the ppp tunel, my ISP ( > > t-online, > > Germany if it can help ) > > > > But I'm not sure if it makes a difference, if you can ping them or not. I > > got > > the same result with ping www.microsoft.com ( bad example, I know ; ) ) , > > but I can open this site on my > > freebsd or windows box. > > It makes a difference because the firewall is blocking ICMP which is used > to allow the maximum packet size negotiation. > Even if I use IPFIREWALL_DEFAULT_TO_ACCEPT ? I'm just configuring the router, the firewall funtions comes later. Thanks for your advices, Thibault Bautze To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message