Re: ipfilter vs. icmp on NetBSD

I have rebooted many times since this problem started.

Rule 46 is:
@46 block in log level local1.info quick on le0 proto udp from any to any port 136 >< 140

Rule 67 is:
@67 pass in quick on le0 proto icmp from any to x.x.x.x/32

How very odd.

On Wed, 29 Sep 2004, Thomas Beer wrote:

> Have you rebooted / reseted ipf rules?
> Have you checked rule numbers 67 and 46 respectively?
>
>>> Sep 28 23:21:14 fls ipmon[137]: 23:21:13.930960 le0 @0:67 p
> ^^^^^^^^
>
>> outside[y.y.y.y] -> gateway[x.x.x.x] PR icmp len 20 84 icmp echo/0 IN
>> Sep 28 23:21:14 fls ipmon[137]: 23:21:13.931469 le0 @0:46 b^
> ^^^^^^^^^^
>> gateway[x.x.x.x] -> outside[y.y.y.y] PR icmp len 20 84 icmp echoreply/0
>> K-S OUT
>>
>> The rules haven't changed and the box used to be pingable. I don't know
>> if a misconfigured rule is now being enforced or something.
>>
>> Any help would be greatly appreciated.

--
Hisashi T Fujinaka - htodd@twofifty.com
BSEE(6/86) + BSChem(3/95) + BAEnglish(8/95) + MSCS(8/03) + $2.50 = latte