From owner-freebsd-questions Mon Jul 24 20:33:35 2000 Delivered-To: freebsd-questions@freebsd.org Received: from mail2.one.net (mail2.one.net [206.112.192.100]) by hub.freebsd.org (Postfix) with ESMTP id D331A37B696 for ; Mon, 24 Jul 2000 20:33:29 -0700 (PDT) (envelope-from carleton@one.net) Received: from ztown3-3-38.adsl.one.net ([216.23.29.38] EHLO miltonstreet.com ident: IDENT-NOT-QUERIED [port 60663]) by mail2.one.net with ESMTP id <264912-28925>; Mon, 24 Jul 2000 23:33:22 -0400 Message-ID: <397D0CC8.D6E2B382@miltonstreet.com> From: Sam Carleton X-Mailer: Mozilla 4.72 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: FreeBSD Questions Subject: allowing pings out from my firewall Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Date: Mon, 24 Jul 2000 23:33:15 -0400 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Alfred Perlstein wrote: > * Sam Carleton [000724 13:49] wrote: > > I have a normal user on my FreeBSD box that needs to run ping and > > traceroute. I do NOT want to give this user the ability to su in as > > root. What do I need to do so this user can run ping and traceroute? > > Ping and traceroute are suid therefore you don't need to be root > to use them, they automatically grant the appropriate level of > privledge to perform the operations needed. I was wrong, I (as root) just tried to ping something and I got the error message: ping: sendto: Permission denied After thinking about this for a moment, I realized that I believe this to be a firewall issue. I have the "simply" firewall running on this 4.0-STABLE machine and I think it is the firewall that is stopping ping from going out. How do I modify the firewall to allow pings and traceroute to get out? -- Sam Carleton Please stop by http://www.maineville.net and help my local police force! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message