From owner-freebsd-pf@FreeBSD.ORG Sun Apr 18 05:43:37 2010 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9E9F4106566C for ; Sun, 18 Apr 2010 05:43:37 +0000 (UTC) (envelope-from gaurav@subisu.net.np) Received: from mx-02.subisu.net.np (smtp.subisu.net.np [202.63.240.2]) by mx1.freebsd.org (Postfix) with ESMTP id C0A278FC08 for ; Sun, 18 Apr 2010 05:43:35 +0000 (UTC) Received: from localhost (mx-02.subisu.net.np [127.0.0.1]) by mx-02.subisu.net.np (Postfix) with ESMTP id 69E131C0095 for ; Sun, 18 Apr 2010 11:28:30 +0545 (NPT) X-Virus-Scanned: amavisd-new at subisu.net.np Received: from mx-02.subisu.net.np ([127.0.0.1]) by localhost (mx-02.subisu.net.np [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NgTT0uHN+ly5 for ; Sun, 18 Apr 2010 11:28:22 +0545 (NPT) Received: from [202.63.244.34] (unknown [202.63.244.34]) by mx-02.subisu.net.np (Postfix) with ESMTP id 3F7C61C0085 for ; Sun, 18 Apr 2010 11:28:22 +0545 (NPT) Message-ID: <4BCA9BFA.3020700@subisu.net.np> Date: Sun, 18 Apr 2010 11:28:22 +0545 From: Gaurav Ghimire User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.10pre) Gecko/20100416 Shredder/3.0.5pre MIME-Version: 1.0 To: freebsd-pf@freebsd.org References: <4BC84F00.1060700@subisu.net.np> <85262.45908.qm@web38005.mail.mud.yahoo.com> In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: ping sendto: operation not permitted. X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Apr 2010 05:43:37 -0000 Hi Peter/Greg, Thanks for your replies. That indeed helped lot. It was the state table entries. Things seem cool now. Shall update if anything shows up. Regards, Gaurav On 04/16/2010 08:16 PM, Peter Maxwell wrote: > Checking whether there is anything unexpected in the dmesg output and > posting the output of > > pfctl -v -s a > > wouldn't hurt either. > > > > > > On 16 April 2010 14:57, jose ycogo wrote: > > >> >> i think its best if you post your pf.conf >> >> cheers... >> >> >> >> >> ________________________________ >> From: Gaurav Ghimire >> To: freebsd-pf@freebsd.org >> Sent: Friday, April 16, 2010 19:50:24 >> Subject: ping sendto: operation not permitted. >> >> Dear all, >> >> I am lately having problems with my firewall. There had not been any >> changes to the configuration and it had been working very fine. Out of >> nowhere I believe that pf is now acting abnormal and is blocking outgoing >> packets at random. It doesn't occur regular but I am getting the ping >> sendto: operation not permitted error and also its delaying udp queries to >> by dns servers that it generally protects. If I disable pf using 'pfctl -d' >> things go to normal and there isn't any issue. I also see connection breaks >> when the pf itself tries to contact my ldap server for information. >> Disabling pf makes everything go back to normal. Any hint as where I should >> be looking would be highly appreciated. I have been pulling my hairs >> literally lately. >> >> Regards, >> >> -- Gaurav >> >> _______________________________________________ >> freebsd-pf@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-pf >> To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" >> >> >> >> Get your preferred Email name! >> Now you can @ymail.com and @rocketmail.com. >> http://mail.promotions.yahoo.com/newdomains/aa/ >> _______________________________________________ >> freebsd-pf@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-pf >> To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" >> >> > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org"