no route to host
Jez Hancock
jez.hancock at munk.nu
Tue May 6 19:53:57 PDT 2003
On Wed, May 07, 2003 at 03:23:24AM +0200, Ronald Weinrich wrote:
> I build the kernel with
> options IPFILTER
> options IPFILTER_LOG
> options IPFILTER_DEFAULT_BLOCK
Do you have an ipf ruleset loading on boot?
> in rc.conf is
> hostname="firewall"
> defaultrouter="213.47.28.161" ??????
> gateway_enable="YES"
> ipnat_enable="YES"
> ifconfig_ed0="inet 213.47.28.166 netmask 255.255.255.240"
> kern_securelevel_enable="NO"
> linux_enable="NO"
> nfs_reserved_port_only="YES"
> sendmail_enable="YES"
> sshd_enable="YES"
It looks like the answer is no ;/
If this is the case then because of the 'IPFILTER_DEFAULT_BLOCK' line in
your kern conf everything will be blocked by default. Try adding a
simple /etc/ipf.rules ruleset:
pass out all
pass in all
and make sure you add this to /etc/rc.conf:
ipfilter_enable="YES"
ipfilter_rules="/etc/ipf.rules"
To implement the 'allow all' ruleset either reboot or just do:
ipf -Fa -f /etc/ipf.rules
With luck this should allow you connectivity.
Regards,
Jez
PS
> ifconfig_ed0="inet 213.47.28.166 netmask 255.255.255.240"
Do you have an ifconfig line in /etc/rc.conf for your local network
interface???
In your other post with the network diagram you say
you have 'ep0' interface configured for your LAN,
but in the rc.conf snippet above
you have no entry for the ep0 interface and your ifconfig output
suggests ep0 isn't active (or even present).
More information about the freebsd-questions
mailing list