Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 04 Nov 2004 09:58:28 -0600
From:      "Kevin D. Kinsey, DaleCo, S.P." <kdk@daleco.biz>
To:        Kenneth W Cochran <kwc@theworld.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: traceroute: sendto: Permission denied (4.10-RELEASE)
Message-ID:  <418A51A4.7080603@daleco.biz>
In-Reply-To: <200411041400.JAA449229@shell.TheWorld.com>
References:  <200411041400.JAA449229@shell.TheWorld.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Kenneth W Cochran wrote:

>Hello -questions:
>
>Lately (since a few days ago) I've been getting an oddity from
>traceroute, for example:
>--------------------
>traceroute to www.freebsd.org (216.136.204.117), 64 hops max, 44 byte packets
>traceroute: sendto: Permission denied
> 1 traceroute: wrote www.freebsd.org 44 chars, ret=-1
> *traceroute: sendto: Permission denied
>traceroute: wrote www.freebsd.org 44 chars, ret=-1
> * 10.108.0.1 (10.108.0.1)  7.212 ms
>
>[other hops that look just fine]
>
>13  www.freebsd.org (216.136.204.117)  94.209 ms  87.449 ms  89.103 ms
>--------------------
>
>OS is 4.10-RELEASE, built from source acquired via cvsup.
>I get that "Permission denied" at the beginning regardless of
>where I might try tracing "outside" (external interface - dc0)
>e.g. it works just fine to my local net (local interface - dc1).
>Up until a few days ago, traceroute "worked fine" and never (as
>far as I recall) reported such a message.
>
>Btw, that 10.108.0.1 hop has been there for ages, and while I
>think it's "unusual" it has been there for ages & hasn't
>previously affected traces.
>
>The difference between previous & now is that "traceroute:
>sendto: Permission denied" message
>
>What does that mean?  What is traceroute trying to do?
>I tried the "tracert" from a local (NATed) Win2k machine & that
>seems to work as it always has.  {shrug}
>
>Any idea(s) what's (not) happening?
>Is my upstream connection blocking something (again)?
>Is there some kind of workaround/fix (perhaps my firewall config)?
>
>Thanks,
>
>-kc
>  
>

In my limited experience, this is almost certainly a misconfiguration
of the firewall ... (assuming, of course, that you wish the firewall to
permit the use of traceroute....)

KDK



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?418A51A4.7080603>