Date: Fri, 28 Nov 2003 07:45:12 -0500 From: "Michael W. Oliver" <michael@gargantuan.com> To: Chip <chip@wiegand.org> Cc: freebsd-questions@freebsd.org Subject: Re: strange ping behavior Message-ID: <20031128124512.GA87947@gargantuan.com> In-Reply-To: <3FC71197.9050207@wiegand.org> References: <AMEMKJNMFLJCJDLFIEDBAEDMFDAA.aburke@nullplusone.com> <3FC71197.9050207@wiegand.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--HcAYCG3uE/tztfnV
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Fri, Nov 28, 2003 at 01:12:55AM -0800, Chip wrote:
> Aaron Burke wrote:
>=20
> > > check this out - I have a fbsd 4.6 box on my network, as well as a
> > > fbsd5.1 box and several XP boxes. I have a netgear router/firewall (a=
lso
> > > does dhcp and print server) box as well. The 4.6 box is set up on the
> > > network, the netgear dhcp server finds the box, as well as the 5.1 bo=
x,
> > > so they are 'talking' on the network. The 4.6 box cannot ping anythin=
g.
> > > I get this error -
> > > ping: sendto: permission denied
> > >
> > >
> > I get this message if I have disabled ICMP via the firewall.
> > If you have one running, make sure that your allowing ICMP through
> > it.
> >
> > This should be as easy as "ipfw 00001 add allow icmp from any to any".
> >
> Ping is allowed. All other computers on the network are able to ping out
> to the internet just fine, ,just the one 4.6 box cannot.
>
I suspect that what Aaron meant was that there is a local filtering
problem on the 4.6 machine. When you try to ping another device from
the 4.6 box, you get 'permission denied' (typical of local blocking via
ipfw). Are you running ipfw on the 4.6 machine? As root, issue the
command 'ipfw show' and you will know for sure.
> need to 4.6 box to show a connection to the network. I'll change out
> the nic tomorrow and see if that makes any differance.
I doubt that the nic is bad. If it were, FreeBSD probably wouldn't see
it, and wouldn't assign an IP address to a non-existent interface, and
any pings would likely result in a 'no route to destination' type of
error.
Try to ping the 4.6 host from another host on the network, then check
the arp table of the 'pinger'. If you don't see the IP <-> MAC entry
in the arp table, then that is another problem.
--=20
Mike
perl -e 'print unpack("u","88V]N=3D&%C=3D\"!I;F9O(&EN(&AE861E<G,*");'
--HcAYCG3uE/tztfnV
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (FreeBSD)
iD8DBQE/x0NYsWv7q8X6o8kRAu0cAKCvR4RJKGFKGu8g2RUx3s7StWD6yACff/fc
z3GS9rBGGwEMe6xDy6RQgmQ=
=BRqi
-----END PGP SIGNATURE-----
--HcAYCG3uE/tztfnV--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031128124512.GA87947>