Date: Tue, 06 Dec 2011 23:01:46 -0600 From: Tim Daneliuk <tundra@tundraware.com> To: FreeBSD Mailing List <freebsd-questions@freebsd.org> Subject: SOLVED: ipfw And ping Message-ID: <4EDEF33A.1020801@tundraware.com>
next in thread | raw e-mail | index | archive | help
I have a fairly restrictive firewall but I wanted to open a hole for ping and traceroute - both outbound from a NATed LAN as well as inbound to the boundary FreeBSD machine. The magic sauce turned out to be: ipfw add allow icmp from any to any icmptypes 0,3,4,8,11,12 The other insight here was that this rule had to occur *after* NAT got setup or internal users on the LAN would not be able to ping. Many thanks especially go to Robert Bonomi and Ian Smith for their help and patience with my foolish questions... Tim
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4EDEF33A.1020801>