Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 24 Jul 2000 21:27:10 -0700
From:      Kent Stewart <kstewart@urx.com>
To:        Sam Carleton <scarleton@miltonstreet.com>
Cc:        FreeBSD Questions <freebsd-questions@FreeBSD.ORG>
Subject:   Re: allowing pings out from my firewall
Message-ID:  <397D171E.117F789E@urx.com>
References:  <397D0CC8.D6E2B382@miltonstreet.com>
next in thread | previous in thread | raw e-mail | index | archive | help 


Sam Carleton wrote:
> 
> Alfred Perlstein wrote:
> 
> > * Sam Carleton <scarleton@miltonstreet.com> [000724 13:49] wrote:
> > > I have a normal user on my FreeBSD box that needs to run ping and
> > > traceroute.  I do NOT want to give this user the ability to su in as
> 
> > > root.  What do I need to do so this user can run ping and
> traceroute?
> >
> > Ping and traceroute are suid therefore you don't need to be root
> > to use them, they automatically grant the appropriate level of
> > privledge to perform the operations needed.
> 
> I was wrong, I (as root) just tried to ping something and I got the
> error
> message:
> 
> ping: sendto: Permission denied
> 
> After thinking about this for a moment, I realized that I believe this
> to
> be a firewall issue.  I have the "simply" firewall running on this
> 4.0-STABLE
> machine and I think it is the firewall that is stopping ping from going
> out.  How
> do I modify the firewall to allow pings  and traceroute to get out?

See the "Setting-up a Dual-Homed Host..." at
http://www.mostgraveconcern.com/freebsd/. He has an example of
allowing ping and another for setting up traceroute. The traceroute
only permits 30 hop's. 

Kent

> 
> --
> Sam Carleton
> Please stop by http://www.maineville.net and
> help my local police force!
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message

-- 
Kent Stewart
Richland, WA

mailto:kbstew99@hotmail.com
http://kstewart.urx.com/kstewart/index.html
FreeBSD News http://daily.daemonnews.org/

Bomber dropping fire retardant in front of Hanford Wild fire.
http://kstewart.urx.com/kstewart/bomber.jpg


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?397D171E.117F789E>