From owner-freebsd-questions Mon Jul 24 17:43:15 2000 Delivered-To: freebsd-questions@freebsd.org Received: from mail.monochrome.org (monochrome.org [206.64.112.124]) by hub.freebsd.org (Postfix) with ESMTP id EA96837B56B for ; Mon, 24 Jul 2000 17:43:06 -0700 (PDT) (envelope-from chris@monochrome.org) Received: from localhost (faro [192.168.1.7]) by mail.monochrome.org (8.9.3/8.9.3) with SMTP id UAA93977; Mon, 24 Jul 2000 20:42:58 -0400 (EDT) (envelope-from chris@monochrome.org) Date: Mon, 24 Jul 2000 20:42:58 -0400 (EDT) From: Chris Hill X-Sender: chris@localhost Reply-To: Chris Hill To: Sam Carleton Cc: FreeBSD Questions Subject: Re: allowing pings out from my firewall In-Reply-To: <397CB410.9257A981@miltonstreet.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, 24 Jul 2000, Sam Carleton wrote: > ping: sendto: Permission denied > > After thinking about this for a moment, I realized that I believe this to > be a firewall issue. I have the "simply" firewall running on this machine > and I think it is the firewall that is stopping ping from going out. How > do I modify the firewall to allow pings and traceroute to get out? I too am running ipfw in 'simple' mode. To allow ping, I added the line '$fwcmd add pass icmp from any to any' (sans quotes of course) to /etc/rc.firewall. Works. OTOH, traceroute still doesn't work for me. It's not that big a deal for me right now, but I'd like to make it work on GPs. HTH. -- Chris Hill chris@monochrome.org [1] Bus error netscape To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message