ipfw erratic on 7 stable

Jeremy Chadwick koitsu at FreeBSD.org
Thu Nov 13 04:27:38 PST 2008


On Thu, Nov 13, 2008 at 01:24:10PM +0200, David Peall wrote:
> I'm having a problem with ipfw, I think.
> 
> For some reason it denies packets randomly for example:
> 
> PING 196.14.239.2 (196.14.239.2): 56 data bytes
> ping: sendto: Permission denied
> ping: sendto: Permission denied
> 64 bytes from 196.14.239.2: icmp_seq=2 ttl=63 time=0.258 ms
> 64 bytes from 196.14.239.2: icmp_seq=3 ttl=63 time=0.233 ms
> 64 bytes from 196.14.239.2: icmp_seq=4 ttl=63 time=0.211 ms
> 
> Not sure what else would be helpful at this point.
> 
> Running:
> FreeBSD 7.1-PRERELEASE #0: Fri Oct 31 09:44:07 UTC 2008     

In my experiences, "Permission denied" is returned if you have a rule
that blocks certain outbound packets; the OS tells the socket owner "no
can do".

There isn't enough information in the above report to help determine why
it happens randomly; what flags have you passed ping?  And please
provide your entire ipfw ruleset, something may stand out.

-- 
| Jeremy Chadwick                                jdc at parodius.com |
| Parodius Networking                       http://www.parodius.com/ |
| UNIX Systems Administrator                  Mountain View, CA, USA |
| Making life hard for others since 1977.              PGP: 4BD6C0CB |



More information about the freebsd-stable mailing list