Date:      Wed, 7 May 2003 03:55:44 +0100
From:      Jez Hancock <jez.hancock@munk.nu>
To:        freebsd-questions@freebsd.org
Subject:   Re: no route to host
Message-ID:  <20030507025544.GB50255@users.munk.nu>
In-Reply-To: <3EB87C2C.16955.73F15B3@localhost>
References:  <3EB85E97.29721.6CB887E@localhost> <3EB87C2C.16955.73F15B3@localhost>

On Wed, May 07, 2003 at 03:23:24AM +0200, Ronald Weinrich wrote:
> I build the kernel with
> options IPFILTER
> options IPFILTER_LOG
> options IPFILTER_DEFAULT_BLOCK
Do you have an ipf ruleset loading on boot?

> in rc.conf is
> hostname="firewall"
> defaultrouter="213.47.28.161"  ??????
> gateway_enable="YES"
> ipnat_enable="YES"
> ifconfig_ed0="inet 213.47.28.166  netmask 255.255.255.240"
> kern_securelevel_enable="NO"
> linux_enable="NO"
> nfs_reserved_port_only="YES"
> sendmail_enable="YES"
> sshd_enable="YES"
It looks like the answer is no ;/

If this is the case then because of the 'IPFILTER_DEFAULT_BLOCK' line in
your kern conf everything will be blocked by default.  Try adding a
simple /etc/ipf.rules ruleset:

pass out all
pass in all

and make sure you add this to /etc/rc.conf:

ipfilter_enable="YES"
ipfilter_rules="/etc/ipf.rules"

To implement the 'allow all' ruleset either reboot or just do:

ipf -Fa -f /etc/ipf.rules


With luck this should allow you connectivity.

Regards,
Jez

PS
> ifconfig_ed0="inet 213.47.28.166  netmask 255.255.255.240"
Do you have an ifconfig line in /etc/rc.conf for your local network
interface???  In your other post with the network diagram you say you
have 'ep0' interface configured for your LAN, but in the rc.conf snippet
above you have no entry for the ep0 interface and your ifconfig output
suggests ep0 isn't active (or even present).
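
The condition diagnosed above (default-block kernel, no ruleset loaded at boot, LAN interface missing from rc.conf), as an added example that is not part of the original message: a POSIX sh check over an rc.conf-style file. The function names are hypothetical, the kernel option is assumed rather than detected, and the sample input is constructed from the rc.conf lines quoted in the thread.

```shell
#!/bin/sh
# Added example. Assumes a kernel built with IPFILTER_DEFAULT_BLOCK, as in the
# thread. rc_get, check_ipf and sample_rc are hypothetical helper names.

# rc_get FILE KEY: print the last value assigned to KEY (rc.conf is sourced as
# sh, so the last assignment wins), without quotes or a trailing comment.
rc_get() {
    sed -n "s/^[[:space:]]*$2=[\"']\{0,1\}\([^\"'#]*\).*/\1/p" "$1" |
        sed 's/[[:space:]]*$//' | tail -n 1
}

# check_ipf RCCONF [IFACE...]: print one finding per line and return the
# number of findings (0 means the file is consistent with a default-block kernel).
check_ipf() {
    rc=$1; shift
    findings=0
    enable=$(rc_get "$rc" ipfilter_enable)
    rules=$(rc_get "$rc" ipfilter_rules)
    case "$enable" in
        [Yy][Ee][Ss]) ;;
        *) echo "ipfilter_enable is not YES: no ruleset is loaded at boot"
           findings=$((findings + 1)) ;;
    esac
    if [ -z "$rules" ]; then
        echo "ipfilter_rules is not set in $rc"
        findings=$((findings + 1))
    elif ! grep -Eq '^[[:space:]]*pass[[:space:]]' "$rules" 2>/dev/null; then
        echo "$rules is missing or has no 'pass' rule: default block drops everything"
        findings=$((findings + 1))
    fi
    for ifc in "$@"; do          # every interface that should come up at boot
        [ -n "$(rc_get "$rc" "ifconfig_$ifc")" ] || {
            echo "no ifconfig_$ifc line: $ifc is not configured at boot"
            findings=$((findings + 1))
        }
    done
    return "$findings"
}

# Constructed sample: rc.conf lines quoted in the message above.
sample_rc() {
    printf '%s\n' 'hostname="firewall"' 'gateway_enable="YES"' \
        'ipnat_enable="YES"' \
        'ifconfig_ed0="inet 213.47.28.166  netmask 255.255.255.240"'
}

tmp=$(mktemp -d)
sample_rc > "$tmp/rc.conf"
check_ipf "$tmp/rc.conf" ed0 ep0 || echo "findings: $?"
rm -rf "$tmp"
```

On the firewall itself the call would be check_ipf /etc/rc.conf ed0 ep0.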


