no route to host

Jez Hancock jez.hancock at
Tue May 6 19:53:57 PDT 2003

On Wed, May 07, 2003 at 03:23:24AM +0200, Ronald Weinrich wrote:
> I build the kernel with
> options IPFILTER
> options IPFILTER_LOG
Do you have an ipf ruleset loading on boot?

> in rc.conf is
> hostname="firewall"
> defaultrouter=""  ??????
> gateway_enable="YES"
> ipnat_enable="YES"
> ifconfig_ed0="inet  netmask"
> kern_securelevel_enable="NO"
> linux_enable="NO"
> nfs_reserved_port_only="YES"
> sendmail_enable="YES"
> sshd_enable="YES"
It looks like the answer is no ;/

If this is the case then because of the 'IPFILTER_DEFAULT_BLOCK' line in
your kern conf everything will be blocked by default.  Try adding a
simple /etc/ipf.rules ruleset:

pass out all
pass in all

and make sure you add this to /etc/rc.conf:


To implement the 'allow all' ruleset either reboot or just do:

ipf -Fa -f /etc/ipf.rules

With luck this should allow you connectivity.


> ifconfig_ed0="inet  netmask"
Do you have an ifconfig line in /etc/rc.conf for your local network
In your other post with the network diagram you say
you have 'ep0' interface configured for your LAN, 
but in the rc.conf snippet above
you have no entry for the ep0 interface and your ifconfig output
suggests ep0 isn't active (or even present).

More information about the freebsd-questions mailing list