Date: Wed, 5 Sep 2001 20:52:55 -0500 (CDT) From: Cary <scattered@babel.acu.edu> To: Dru <genisis@istar.ca> Cc: Bill Moran <wmoran@iowna.com>, freebsd-questions <freebsd-questions@FreeBSD.ORG> Subject: Re: dhclient problems (w/ ipfw show) Message-ID: <Pine.LNX.4.10.10109052051360.4932-100000@babel.acu.edu> In-Reply-To: <20010905201754.D25332-100000@x1-6-00-50-ba-de-36-33.kico1.on.home.com>
next in thread | previous in thread | raw e-mail | index | archive | help
00100 0 0 allow ip from any to any via lo0 00200 0 0 deny ip from any to 127.0.0.0/8 00300 0 0 deny ip from 127.0.0.0/8 to any 00400 527 36501 allow ip from 150.252.106.57 to 150.252.104.0/21 00500 498 249731 allow ip from 150.252.104.0/21 to 150.252.106.57 00600 13973 1096248 allow tcp from any to any established 00700 0 0 allow ip from any to any frag 00800 0 0 allow tcp from any to 150.252.106.57 25 setup 00900 5 220 allow tcp from 150.252.106.57 to any setup 01000 19 1120 deny tcp from any to any setup 01100 6 478 allow udp from 150.252.106.57 to any 53 keep-state 01200 3894 295944 allow udp from 150.252.106.57 to any 123 keep-state 65535 103876 14505389 deny ip from any to any ## Dynamic rules: 01200 1 76 (T 10, # 82) ty 0 udp, 150.252.106.57 123 <-> 150.252.128.107 123 01200 0 0 (T 17, # 92) ty 0 udp, 150.252.106.57 123 <-> 132.163.4.101 123 01200 3 228 (T 10, # 113) ty 0 udp, 150.252.106.57 123 <-> hope this helps. my computer is 106.57. Cary Mathews Abilene Christian University ACM Chair | Education Committee | System Admin: babel.acu.edu On Wed, 5 Sep 2001, Dru wrote: > > > On Wed, 5 Sep 2001, Bill Moran wrote: > > > On Wednesday 05 September 2001 16:22, Cary wrote: > > > I've had my box up and running for about 2 weeks, no problems. About > > > 5 days ago, I suddenly started getting the following message in my > > > system logs: > > > Sep 4 20:39:54 fledermaus dhclient: send_packet: Permission denied > > > > > > I have the kernel firewall (ipfw) installed and have used the rc.d > > > script to start it up on bootup, as a client computer. But the > > > dhcp.lease is recieved > > > without any problem when I bootup, so I don't think ipfw is the source > > > of the problem. If I turn my computer reboot my computer, it may or > > > may not get the lease at first, but then it will. Afterwards, I can > > > access the network and all, but then these messages start showing up > > > again. My ability to get work done is not affected (that I've noticed) > > > but it is very annoying to have to scroll through the syslogs and > > > seeing this repeated ad infinitum. > > > > I hit this one a little while back with firewalls. If I'm remembering incorrectly, > > someone else feel free to correct me. > > When the machine first boots up, and it doesn't know who the DHCP > > server will be, it does ethernet broadcasts to find a DHCP server and config > > its networking. > > However, once it's been running for a while and it's time to renew the > > DHCP lease, it connects to the server in a different manner - which can > > be adversely affected by firewall rules. > > I don't remember the details (i.e. ports and firewall rules to allow DHCP) > > but the way I figured it out was to run a sniffer (ethereal or tcpdump) and > > see what was actually happening. You can do the same. > > Hi Cary, > > I second what Bill says; though it's hard to see what's blocking what > without a look at your firewall rules. The following article might shed > some light on what DHCP is doing: > > http://www.onlamp.com/pub/a/bsd/2001/06/01/FreeBSD_Basics.html > > If that doesn't help, send the output of "ipfw show" to the list. > > Dru > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.10.10109052051360.4932-100000>