From owner-freebsd-net@FreeBSD.ORG Sun Feb 22 12:07:26 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 701DF16A4CE for ; Sun, 22 Feb 2004 12:07:26 -0800 (PST) Received: from ctb-mesg4.saix.net (ctb-mesg4.saix.net [196.25.240.76]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1BC1F43D1F for ; Sun, 22 Feb 2004 12:07:26 -0800 (PST) (envelope-from karnaugh@karnaugh.za.net) Received: from colin (rrba-ip-nas-1-p143.telkom-ipnet.co.za [155.239.84.143]) by ctb-mesg4.saix.net (Postfix) with SMTP id 736BEAA34; Sun, 22 Feb 2004 22:07:21 +0200 (SAST) Message-ID: <001401c3f97f$8326d970$0499a8c0@colin> From: "Colin Alston" To: "Barney Wolff" , References: <20040222122932.65801.qmail@web25208.mail.ukl.yahoo.com> <20040222185341.GA26597@pit.databus.com> Date: Sun, 22 Feb 2004 22:07:33 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Subject: Re: unable to ping or connect to freebsd X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 22 Feb 2004 20:07:26 -0000 > On Sun, Feb 22, 2004 at 01:29:32PM +0100, Sylvain Lemasson wrote: > > Hi, > > I have installed freebsd 5.2.1 and connect it to the > > network using ppp. it works well. I have access to > > internet but I am unable to ping the freebsd from > > another computer. The network card get the ICMP > > packets but it seems that they are filters whereas no > > firewall like ipfw are installed. My rc.conf is > > bellow. As you can see the kernel_secureLevel is > > disable. > > > > ppp_nat="yes" > > NAT normally does not allow connections from outside in, or unsolicited > UDP or ICMP from outside in. Why do you need to allow that? Or, unless > your fbsd box is acting as a router, why do you need NAT? > Unless ppp_nat="yes" engages some userland ppp filtering, I see no reason why that would block ICMP. On my userland PPP setup with NAT enabled ('nat enable' in ppp.conf iirc) the router still acts as if it were a normaly connected machine and responds to ICMP echo requests and traceroutes etc.