From owner-freebsd-pf@FreeBSD.ORG Fri Apr 16 14:31:06 2010 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 174DB1065670 for ; Fri, 16 Apr 2010 14:31:06 +0000 (UTC) (envelope-from allicient3141@googlemail.com) Received: from mail-gw0-f54.google.com (mail-gw0-f54.google.com [74.125.83.54]) by mx1.freebsd.org (Postfix) with ESMTP id C28638FC12 for ; Fri, 16 Apr 2010 14:31:04 +0000 (UTC) Received: by gwaa12 with SMTP id a12so1377493gwa.13 for ; Fri, 16 Apr 2010 07:31:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:in-reply-to :references:date:x-google-sender-auth:received:message-id:subject :from:to:content-type; bh=AjYUCeSB1uHS5xySDvLc/Ya9DkDtb/xezRgmDDl3RlM=; b=HLRSdHLmMAhzhtu1i3bx/2wPdXXMzRuRK4/pPrklq/0kzMAPNYhh0unaooN3X2LyZz vqYQdk+UTwnkqgLLNApFSCwa5sP43vzNd+xmlsFPmeQfbbPZnijYpfpZaQxOnaXjTZ8C xu/h1RU4ROszRj7maCjCuDqKrP0d8j+dDaDkk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type; b=l5x9o3W/MxSfGA6dTo1jhaRmmyASekEpF7bl1wRWu0rA+0SYRusLoXvcAqKRnU0Xu4 DrcLP0rC41YJSA7JxKsH7qw1L9YdQtccHfRI7MC/wDP16/Wv7Z8L90U/xS+Ik4UrRwTX 9hHvL7VBG40YvN2rn/V8PS674St6Pb73hmMC4= MIME-Version: 1.0 Sender: allicient3141@googlemail.com Received: by 10.90.86.7 with HTTP; Fri, 16 Apr 2010 07:31:04 -0700 (PDT) In-Reply-To: <85262.45908.qm@web38005.mail.mud.yahoo.com> References: <4BC84F00.1060700@subisu.net.np> <85262.45908.qm@web38005.mail.mud.yahoo.com> Date: Fri, 16 Apr 2010 15:31:04 +0100 X-Google-Sender-Auth: 10341b51462a8a14 Received: by 10.91.51.25 with SMTP id d25mr969530agk.41.1271428264152; Fri, 16 Apr 2010 07:31:04 -0700 (PDT) Message-ID: From: Peter Maxwell To: freebsd-pf@freebsd.org Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Re: ping sendto: operation not permitted. X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 Apr 2010 14:31:06 -0000 Checking whether there is anything unexpected in the dmesg output and posting the output of pfctl -v -s a wouldn't hurt either. On 16 April 2010 14:57, jose ycogo wrote: > > > i think its best if you post your pf.conf > > cheers... > > > > > ________________________________ > From: Gaurav Ghimire > To: freebsd-pf@freebsd.org > Sent: Friday, April 16, 2010 19:50:24 > Subject: ping sendto: operation not permitted. > > Dear all, > > I am lately having problems with my firewall. There had not been any > changes to the configuration and it had been working very fine. Out of > nowhere I believe that pf is now acting abnormal and is blocking outgoing > packets at random. It doesn't occur regular but I am getting the ping > sendto: operation not permitted error and also its delaying udp queries to > by dns servers that it generally protects. If I disable pf using 'pfctl -d' > things go to normal and there isn't any issue. I also see connection breaks > when the pf itself tries to contact my ldap server for information. > Disabling pf makes everything go back to normal. Any hint as where I should > be looking would be highly appreciated. I have been pulling my hairs > literally lately. > > Regards, > > -- Gaurav > > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" > > > > Get your preferred Email name! > Now you can @ymail.com and @rocketmail.com. > http://mail.promotions.yahoo.com/newdomains/aa/ > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" >