Date: Fri, 28 Sep 2001 16:23:02 -0400 From: Bill Moran <wmoran@iowna.com> To: Parker Brown <phbrown@charter.net> Cc: questions@freebsd.org Subject: Re: dhclient: send_packet: Permission Denied Message-ID: <3BB4DC26.8474BE38@iowna.com> References: <3BAF944D.73747C9A@charter.net> <20010925103214.X10637@k7.mavetju.org> <3BB23078.B50CC742@charter.net> <01092620314103.02034@> <3BB24428.79F7CE88@charter.net> <3BB289E7.EB27E088@iowna.com> <3BB28E81.1A64B02D@charter.net> <3BB29980.28F78F0A@iowna.com> <3BB4CDB7.51528F05@charter.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Parker Brown wrote:
>
> YOU WERE RIGHT. (However...) I went back an looked through LINT and copied related
> options (IPFIREWALL, IP6FIREWALL, etc) and the boot messages looked quite different.
> Now I get continual messages like this:
>
> natd [nnn] failed to write packet back (Permission denied)
>
> I'm concerned about firewall safety, fer sure. Reading the option names and the
> allow/deny statements in re.firewall, I can see some sense in them, with the
> execption of some of the keywords like {oip}, etc. CAN YOU RECOMMEND a place on
> the Net or a particular book that might help me? Can you give me a quick fix for the
> natd problem above?
OK ... I've seen this before, but I don't remember _exactly_ what the problem is.
AFAIR, it has to do with natd translating packets that are later denied by the
firewall. I wrote an article a while back on this for Daemonnews:
http://www.daemonnews.org/200103/firewall.html
This rather walks through a firewall I setup, it specifically addresses that
"failed to write packet back" error.
If it's not enough info, email me for more ...
-Bill
--
"Where's the robot to pat you on the back?"
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3BB4DC26.8474BE38>