From owner-freebsd-questions  Fri Sep 28 13:21:55 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from clmboh1-smtp3.columbus.rr.com (clmboh1-smtp3.columbus.rr.com [65.24.0.112])
	by hub.freebsd.org (Postfix) with ESMTP id 44E8037B406
	for <questions@freebsd.org>; Fri, 28 Sep 2001 13:21:52 -0700 (PDT)
Received: from iowna.com (dhcp065-024-023-038.columbus.rr.com [65.24.23.38])
	by clmboh1-smtp3.columbus.rr.com (8.11.2/8.11.2) with ESMTP id f8SKHpR05924;
	Fri, 28 Sep 2001 16:17:51 -0400 (EDT)
Message-ID: <3BB4DC26.8474BE38@iowna.com>
Date: Fri, 28 Sep 2001 16:23:02 -0400
From: Bill Moran <wmoran@iowna.com>
X-Mailer: Mozilla 4.76 [en] (X11; U; FreeBSD 4.4-RC i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Parker Brown <phbrown@charter.net>
Cc: questions@freebsd.org
Subject: Re: dhclient: send_packet: Permission Denied
References: <3BAF944D.73747C9A@charter.net> <20010925103214.X10637@k7.mavetju.org> <3BB23078.B50CC742@charter.net> <01092620314103.02034@> <3BB24428.79F7CE88@charter.net> <3BB289E7.EB27E088@iowna.com> <3BB28E81.1A64B02D@charter.net> <3BB29980.28F78F0A@iowna.com> <3BB4CDB7.51528F05@charter.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

Parker Brown wrote:
> 
> YOU WERE RIGHT.  (However...)  I went back an looked through LINT and copied related
> options (IPFIREWALL, IP6FIREWALL, etc) and the boot messages looked quite different.
> Now I get continual messages like this:
> 
> natd [nnn]  failed to write packet back (Permission denied)
> 
> I'm concerned about firewall safety, fer sure.  Reading the option names and the
> allow/deny statements in re.firewall, I can see some sense in them, with the
> execption of some of the keywords like {oip}, etc.  CAN YOU RECOMMEND   a place on
> the Net or a particular book that might help me?  Can you give me a quick fix for the
> natd problem above?

OK ... I've seen this before, but I don't remember _exactly_ what the problem is.
AFAIR, it has to do with natd translating packets that are later denied by the
firewall.  I wrote an article a while back on this for Daemonnews:
http://www.daemonnews.org/200103/firewall.html
This rather walks through a firewall I setup, it specifically addresses that
"failed to write packet back" error.

If it's not enough info, email me for more ...

-Bill

-- 
"Where's the robot to pat you on the back?"

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message