From owner-freebsd-questions Mon Sep 30 6:34:14 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5788037B401 for ; Mon, 30 Sep 2002 06:34:12 -0700 (PDT) Received: from ncsmtp02.ogw.rr.com (ncsmtp02.ogw.rr.com [24.93.67.83]) by mx1.FreeBSD.org (Postfix) with ESMTP id 947D743E3B for ; Mon, 30 Sep 2002 06:34:11 -0700 (PDT) (envelope-from ETHORNTON@nc.rr.com) Received: from mail6.nc.rr.com (fe6 [24.93.67.53]) by ncsmtp02.ogw.rr.com (8.12.5/8.12.2) with ESMTP id g8UDYRup012793; Mon, 30 Sep 2002 09:34:28 -0400 (EDT) Received: from Nicoya ([66.26.236.202]) by mail6.nc.rr.com with Microsoft SMTPSVC(5.5.1877.757.75); Mon, 30 Sep 2002 09:34:09 -0400 Message-ID: <001f01c26886$0d5cff20$0200a8c0@Nicoya> From: "Eric Thornton" To: "Derrick Ryalls" , References: <000501c2684f$eb276d90$0200a8c0@bartxp> Subject: Re: 4.7 RC problem Date: Mon, 30 Sep 2002 09:34:07 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG If you compiled the kernel with the "option IPFIREWALL" you must configure an firewall or else packets will not pass through. Add the following lines to your /etc/rc.conf file firewall_enable="YES" firewall_type="open" firewall_script="/etc/rc.firewall" or if you want to do it without rebooting # ipfw add pass all from any to any You should then customise your firewall script to your needs as this setup is insecure. ----- Original Message ----- From: "Derrick Ryalls" To: Sent: Monday, September 30, 2002 3:06 AM Subject: 4.7 RC problem > First time posting here, and I didn't see the topic before, so here it > goes... > > I agree to help my brother set up a new bsd box six hours away, doing > everything remotely once there is network access to the box. After some > hardware issues were resolved, I did a cvsup to get everything up to > date and ready for a kernel compile. The o/s will eventually be used as > a router, but for now it has just one nic. > > cvsup goes fine, and I start the buildworld. No errors through the > whole process, so I reboot to switch to the new kernel. The machine is > now dead to me, it won't respond to pings/ssh/begging. On site, the box > is running, and my brother can log in fine (directly, not via ssh). > When I ask him to ping around or even ping localhost, it comes up with > "ping: sendto: permission denied". He also can't even ssh out. This > looks like a permissions/firewall issue, but he is logging in as root, > and there is no firewall active. The kernel does have settings for > routing, but nothing is activated in rc.conf. Has anyone heard of this > sort of error? At this point, we can't even hope for a fix later and > just cvsup it when it comes out, the only other option is to toast the > machine completely and go with an earlier revision and not cvsup. > > -Derrick > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message