From owner-freebsd-questions@FreeBSD.ORG Mon Jun 16 21:51:01 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 466C437B401 for ; Mon, 16 Jun 2003 21:51:01 -0700 (PDT) Received: from adsl-64-161-78-226.dsl.lsan03.pacbell.net (adsl-64-161-78-226.dsl.lsan03.pacbell.net [64.161.78.226]) by mx1.FreeBSD.org (Postfix) with SMTP id 858EB43FA3 for ; Mon, 16 Jun 2003 21:51:00 -0700 (PDT) (envelope-from oremanj@adsl-64-161-78-226.dsl.lsan03.pacbell.net) Received: (qmail 90055 invoked by uid 1001); 17 Jun 2003 04:53:22 -0000 Date: Mon, 16 Jun 2003 21:53:22 -0700 From: Joshua Oreman To: Rohit Neupane Message-ID: <20030617045322.GA90034@webserver.get-linux.org> References: <3EEE9D2C.1070300@wlink.com.np> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3EEE9D2C.1070300@wlink.com.np> User-Agent: Mutt/1.4.1i cc: questions@freebsd.org Subject: Re: Network Problem with custom kernel X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Jun 2003 04:51:01 -0000 On Tue, Jun 17, 2003 at 10:31:36AM +0545 or thereabouts, Rohit Neupane seemed to write: > Hi, > I'm new to freebsd. I'm using 4.6.2-RELEASE. After compiling a custom > kernel I'm getting problem in the network. When I try to ping any > machine I get message "ping: sendto: No route to host" I can't even > ping the localhost . > I guess my network interface is properly detected. ifconfig shows my > network interface is xl0 > I've allowed everything in the firewall on the very first rule. > These are the options I've put in the kernel > > device miibus > device xl > > options INET > options INET6 > options MROUTING > options IPFIREWALL > options IPFIREWALL_VERBOSE > options IPFIREWALL_FORWARD > options IPFIREWALL_VERBOSE_LIMIT=100 > options IPFIREWALL_DEFAULT_TO_ACCEPT > options IPDIVERT > options IPFILTER > options IPFILTER_LOG > options IPFILTER_DEFAULT_BLOCK ^^^^^^^^^^^^^ That's it, right there. > options IPSTEALTH > > I guess I'm missing something. Also, how can I do "make distclean" (as > in linux) if I want to recompile then kernel ? > Thanks a lot. You've blocked all traffic by default. Blocking via firewall doesn't just block incoming packets; it blocks outbound ones too. You have three options: * Remove the IPFILTER_DEFAULT_BLOCK line * Run `ipf -D' * Set up an IPF firewall But really, why would you have both IPFIREWALL and IPFILTER in the kernel? You should only have one. -- Josh > > regards, > Rohit Neupane > > > > > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"