From owner-freebsd-questions Mon Jul 24 18:57:28 2000 Delivered-To: freebsd-questions@freebsd.org Received: from 2711.dynacom.net (2711.dynacom.net [206.107.213.3]) by hub.freebsd.org (Postfix) with ESMTP id EB09537B84B for ; Mon, 24 Jul 2000 18:57:25 -0700 (PDT) (envelope-from kstewart@urx.com) Received: from urx.com (dsl1-160.dynacom.net [206.159.132.160]) by 2711.dynacom.net (Build 101 8.9.3/NT-8.9.3) with ESMTP id SAA00467; Mon, 24 Jul 2000 18:57:22 -0700 Message-ID: <397CF3EA.25E3CD03@urx.com> Date: Mon, 24 Jul 2000 18:56:58 -0700 From: Kent Stewart Organization: Dynacom Net X-Mailer: Mozilla 4.74 [en] (Windows NT 5.0; U) X-Accept-Language: en,pdf MIME-Version: 1.0 To: Chris Hill Cc: Sam Carleton , FreeBSD Questions Subject: Re: allowing pings out from my firewall References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Chris Hill wrote: > > On Mon, 24 Jul 2000, Sam Carleton wrote: > > > ping: sendto: Permission denied > > > > After thinking about this for a moment, I realized that I believe this to > > be a firewall issue. I have the "simply" firewall running on this machine > > and I think it is the firewall that is stopping ping from going out. How > > do I modify the firewall to allow pings and traceroute to get out? > > I too am running ipfw in 'simple' mode. To allow ping, I added the line > '$fwcmd add pass icmp from any to any' (sans quotes of course) to > /etc/rc.firewall. Works. > > OTOH, traceroute still doesn't work for me. It's not that big a deal for > me right now, but I'd like to make it work on GPs. I found the examples on http://www.mostgraveconcern.com/freebsd/sheet.cgi?cdrw worked out of the box. They other examples required changes to work. I figured it was easier to start with something that worked and add my stuff than it was to make something I didn't understand work. Dan has a udp add that takes care of the traceroute. The example limits it to 30 hops. Kent > > HTH. > > -- > Chris Hill chris@monochrome.org > [1] Bus error netscape > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message -- Kent Stewart Richland, WA mailto:kbstew99@hotmail.com http://kstewart.urx.com/kstewart/index.html http://daily.daemonnews.org/ SETI (Search for Extraterrestrial Intelligence) @ Home http://setiathome.ssl.berkeley.edu/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message