From owner-freebsd-questions Mon Jul 24 14:24:41 2000 Delivered-To: freebsd-questions@freebsd.org Received: from ipass.one.net (news2.one.net [206.112.192.118]) by hub.freebsd.org (Postfix) with ESMTP id 5807537BD30 for ; Mon, 24 Jul 2000 14:24:35 -0700 (PDT) (envelope-from scarleton@miltonstreet.com) Received: from miltonstreet.com (ws11.syner.com [63.84.188.11] (may be forged)) by ipass.one.net (8.8.7/8.8.7) with ESMTP id RAA32373 for ; Mon, 24 Jul 2000 17:24:32 -0400 Message-ID: <397CB410.9257A981@miltonstreet.com> Date: Mon, 24 Jul 2000 17:24:33 -0400 From: Sam Carleton X-Mailer: Mozilla 4.73 [en] (Windows NT 5.0; I) X-Accept-Language: en MIME-Version: 1.0 To: FreeBSD Questions Subject: allowing pings out from my firewall References: <397CAB93.483FBE99@miltonstreet.com> <20000724140721.C13979@fw.wintelcom.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Alfred Perlstein wrote: > * Sam Carleton [000724 13:49] wrote: > > I have a normal user on my FreeBSD box that needs to run ping and > > traceroute. I do NOT want to give this user the ability to su in as > > root. What do I need to do so this user can run ping and traceroute? > > Ping and traceroute are suid therefore you don't need to be root > to use them, they automatically grant the appropriate level of > privledge to perform the operations needed. I was wrong, I (as root) just tried to ping something and I got the error message: ping: sendto: Permission denied After thinking about this for a moment, I realized that I believe this to be a firewall issue. I have the "simply" firewall running on this machine and I think it is the firewall that is stopping ping from going out. How do I modify the firewall to allow pings and traceroute to get out? -- Sam Carleton Please stop by http://www.maineville.net and help my local police force! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message