Date:      Wed, 20 Aug 2003 09:27:24 -0400 (EDT)
From:      Andre Guibert de Bruet <andy@siliconlandmark.com>
To:        John Reynolds~ <jreynold@sedona.ch.intel.com>
Cc:        "John J. Rushford" <jjrushford@mac.com>
Subject:   Re: Is rl broken?
Message-ID:  <20030820092317.U452@alpha.siliconlandmark.com>
In-Reply-To: <16194.63010.693361.890699@chlx254.ch.intel.com>
References:  <BB68342D.B3D%jjrushford@mac.com> <16194.63010.693361.890699@chlx254.ch.intel.com>

On Tue, 19 Aug 2003, John Reynolds~ wrote:

>
> This thread originally taken from the -stable mailing list, but I'm seeing
> weird things in -current now, so I thought I'd ask ....
>
> > I cvsup'd and rebuilt a FreeBSD 4.8 system last Friday after receiving the
> > realpath security advisory.  The machine is remote and the NIC uses the rl
> > driver.  After booting the machine I had no network connectivity.  The
> > person at the remote site says the boot was normal and he could see that the
> > NIC was properly configured but he could not ping it and I could not login.
> > We booted off kernel.old and everything came up fine.
> >
>
> I have a machine with an Intel NIC using the fxp driver that is exhibiting the
> same sort of weirdness. I just installed 5.1-RELEASE on it after it was built
> and things were rock solid. I got my NIC configured to use DHCP in my LAN here
> at home, everything's fine. Then I cvsup and buildworld/kernel (the same
> kernel config that an *identical* system on my LAN is using) and test out the
> new kernel before installkernel and dhclient seems to finish properly and the
> interface seems configured correctly with the correct IP. netstat -r shows the
> right stuff, but I can't even ping the NIC itself. It says
>
>  sendto: permission denied
>
> when I try to ping the NIC itself and *also* 127.0.0.1. If I revert back to the
> 5.1-RELEASE kernel with the same hardware and zero config changes, everything
> is hunky dory again. Sorry, I'm light on details--I need to do some more
> experiments and will cut-n-paste what I see, but I wanted to see if anybody
> else is experiencing anything oddball like this.

Sounds like you've put IPFIREWALL in your kernel without
IPFIREWALL_DEFAULT_TO_ACCEPT. Either add this to your kernel or add an
ipfw rule as follows:

ipfw add allow ip from any to any

Regards,

> Andre Guibert de Bruet | Enterprise Software Consultant >
> Silicon Landmark, LLC. | http://siliconlandmark.com/    >
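
An added example, not part of the original message: a small sh/awk check that classifies `ipfw list` output, telling the state described above (only the compiled-in default rule 65535, which denies everything unless the kernel has IPFIREWALL_DEFAULT_TO_ACCEPT) apart from a ruleset that opens with a blanket allow. The helper name `classify_ipfw` is hypothetical and the sample rulesets are constructed.

```shell
#!/bin/sh
# Added example: classify `ipfw list` output read on stdin.
# classify_ipfw is a hypothetical helper name, not an ipfw subcommand.
#   locked-out : only the compiled-in rule 65535 exists and it denies
#   accept-all : the first rule that matches lets every packet through
#   filtered   : other rules are evaluated before any blanket allow
#   unknown    : no rule 65535 in the input
classify_ipfw() {
    awk '
        $1 ~ /^[0-9]+$/ {
            # "<num> <action> ip from any to any" with no trailing options
            blanket = ($3 == "ip" || $3 == "all") && $4 == "from" &&
                      $5 == "any" && $6 == "to" && $7 == "any" && NF == 7
            if ($1 + 0 == 65535) { dflt = $2; next }
            rules++
            if (rules == 1 && blanket && $2 == "allow") first_allow = 1
        }
        END {
            if (dflt == "")
                print "unknown"
            else if (rules == 0 && dflt == "deny")
                print "locked-out"
            else if (first_allow || (rules == 0 && dflt == "allow"))
                print "accept-all"
            else
                print "filtered"
        }'
}

# Constructed samples in `ipfw list` format (not captured from a real host).
default_deny='65535 deny ip from any to any'
after_fix='00100 allow ip from any to any
65535 deny ip from any to any'
scoped='00100 allow ip from any to any via lo0
00200 allow tcp from any to me dst-port 22
65535 deny ip from any to any'

for sample in "$default_deny" "$after_fix" "$scoped"; do
    printf '%s\n' "$sample" | classify_ipfw
done
```

On a FreeBSD host, run `ipfw list | classify_ipfw` as root; `accept-all` means the firewall is compiled in but filters nothing.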
