From: Jason Halbert
Date: Thu, 09 Nov 2000 18:39:11 +0000
To: questions@freebsd.org
Subject: Firewall Problem
Message-ID: <3A0AEF4F.F801EE3@gte.net>
X-Mailer: Mozilla 4.75 [en] (X11; U; FreeBSD 4.1.1-RELEASE i386)

FreeBSD:

I'm having a slight problem with my firewall. I need to be able to trace route, but I don't think my firewall is allowing the packets out. Here is the result of trying to traceroute:

next# traceroute 4.33.96.1
traceroute to 4.33.96.1 (4.33.96.1), 30 hops max, 40 byte packets
traceroute: sendto: Permission denied
 1 traceroute: wrote 4.33.96.1 40 chars, ret=-1

Here is a copy of my firewall rules:

00100 allow ip from 127.0.0.1 to 127.0.0.1
00200 allow tcp from any to any established
00300 allow tcp from any to 4.33.97.170 21-23 setup
00400 allow tcp from 206.46.170.10 to 4.33.97.170 113 setup
00500 allow tcp from 209.254.98.88 to 4.33.97.170 113 setup
00600 allow tcp from 205.133.127.30 to 4.33.97.170 113 setup
00700 allow tcp from 208.51.159.10 to 4.33.97.170 113 setup
00800 allow tcp from any to 4.33.97.170 65000 setup
00900 allow tcp from any to 4.33.97.170 5050 setup
01000 allow icmp from 4.33.97.170 to any icmptype 8
01100 allow icmp from any to 4.33.97.170 icmptype 0
01200 allow tcp from 4.33.97.170 to any out xmit xl0 setup
01300 allow udp from 4.2.2.1 53 to 4.33.97.170 via xl0
01400 allow udp from 4.33.97.170 to 4.2.2.1 via xl0
01500 allow udp from 4.2.2.2 53 to 4.33.97.170 via xl0
01600 allow udp from 4.33.97.170 to 4.2.2.2 via xl0
01700 allow udp from 4.2.2.3 53 to 4.33.97.170 via xl0
01800 allow udp from 4.33.97.170 to 4.2.2.3 via xl0
01900 allow udp from 4.33.97.170 to any 4000
02000 allow udp from any 4000 to 4.33.97.170
65535 deny ip from any to any

My connection is DSL. Any help you can provide would greatly be appreciated.

Thank You

Jason P. Halbert
Transmitter Engineer
KDAF-TV WB33
res02jw5@gte.net
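
The following is an added example, not part of the original post: a simplified first-match evaluator run over the posted ruleset, showing which rule decides the fate of a traceroute probe and of the ICMP reply it expects. It assumes FreeBSD traceroute's default behaviour (UDP probes starting at destination port 33434, answered by ICMP type 11 from intermediate hops); the packet dictionaries and the `verdict` helper are constructed for illustration.

```python
# Added example: first-match model of the ipfw ruleset posted above.
# Covers only the syntax those rules use; xmit/via interface names are ignored.
import re

RULES = """00100 allow ip from 127.0.0.1 to 127.0.0.1
00200 allow tcp from any to any established
00300 allow tcp from any to 4.33.97.170 21-23 setup
00400 allow tcp from 206.46.170.10 to 4.33.97.170 113 setup
00500 allow tcp from 209.254.98.88 to 4.33.97.170 113 setup
00600 allow tcp from 205.133.127.30 to 4.33.97.170 113 setup
00700 allow tcp from 208.51.159.10 to 4.33.97.170 113 setup
00800 allow tcp from any to 4.33.97.170 65000 setup
00900 allow tcp from any to 4.33.97.170 5050 setup
01000 allow icmp from 4.33.97.170 to any icmptype 8
01100 allow icmp from any to 4.33.97.170 icmptype 0
01200 allow tcp from 4.33.97.170 to any out xmit xl0 setup
01300 allow udp from 4.2.2.1 53 to 4.33.97.170 via xl0
01400 allow udp from 4.33.97.170 to 4.2.2.1 via xl0
01500 allow udp from 4.2.2.2 53 to 4.33.97.170 via xl0
01600 allow udp from 4.33.97.170 to 4.2.2.2 via xl0
01700 allow udp from 4.2.2.3 53 to 4.33.97.170 via xl0
01800 allow udp from 4.33.97.170 to 4.2.2.3 via xl0
01900 allow udp from 4.33.97.170 to any 4000
02000 allow udp from any 4000 to 4.33.97.170
65535 deny ip from any to any"""
RULE = re.compile(r"(\d+) (\w+) (\w+) from (\S+)(?: ([\d-]+))? to (\S+)(?: ([\d-]+))?(?: (.+))?$")

def port_ok(spec, port):  # spec is "N" or "N-M"; None means any port
    lo, _, hi = (spec or "0").partition("-")
    return spec is None or (port is not None and int(lo) <= port <= int(hi or lo))

def verdict(p):  # (rule number, action) of the first rule matching packet dict p
    for line in RULES.splitlines():
        num, action, proto, src, sport, dst, dport, opts = RULE.match(line).groups()
        o = (opts or "").split()
        if (proto in ("ip", p["proto"]) and src in ("any", p["src"]) and dst in ("any", p["dst"])
                and port_ok(sport, p.get("sport")) and port_ok(dport, p.get("dport"))
                and all(k not in o or p.get("tcp") == k for k in ("established", "setup"))
                and ("icmptype" not in o or p.get("icmptype") == int(o[o.index("icmptype") + 1]))
                and ("out" not in o or p.get("dir") == "out")):
            return num, action

# Constructed packets; 33434 is traceroute's default base port, the source port is arbitrary.
PROBE = {"proto": "udp", "src": "4.33.97.170", "sport": 40000, "dst": "4.33.96.1", "dport": 33434, "dir": "out"}
TTL_EXCEEDED = {"proto": "icmp", "src": "4.33.96.1", "dst": "4.33.97.170", "icmptype": 11, "dir": "in"}
PING = {"proto": "icmp", "src": "4.33.97.170", "dst": "4.33.96.1", "icmptype": 8, "dir": "out"}

if __name__ == "__main__":
    for name in ("PROBE", "TTL_EXCEEDED", "PING"):
        print(name, verdict(globals()[name]))
```

Both the outbound probe and the inbound type 11 reply fall through to rule 65535, which is consistent with the `sendto: Permission denied` error in the post. Traceroute under this ruleset would need allow rules ahead of 65535 for the outbound UDP probes and for inbound ICMP types 11 and 3.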