[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IPFilter and ping

To: misc@openbsd.org
Subject: IPFilter and ping
From: Mohammad Rizal Othman <rizal@mimos.my>
Date: Mon, 07 Dec 1998 20:11:51 +0800

I hope it is ok to ask this question here.

I've configured an OpenBSD based firewall using IPFilter.  So far
everything works fine.  Today, I tried to add another rule just to play
around with it.  I tried to ping a machine behind the firewall, but
received nothing back.  For your information, the machines behind the
firewall all have registered IPs.  The rule that I used was something
like

pass in on fxp0 proto icmp from host-outside-fw/32 to host-behind-fw/32

Is it possible at all to do this?

Another thing is I cannot ping beyond the firewall from a host behind
the firewall.  I have this rules (from firewall.1, I think)

pass out log on ep0 proto icmp all keep state
pass out log on ep1 proto icmp all keep state

but still doesn't work.  Is this a shortcoming of IPFilter?

Hope to get some helps.


-- 
-------------------------------------------------------------------------------
Mohd. Rizal Othman           |  Tel: 603-9665000 x 4010
Systems Engineer             |  my $os =~ s/Windows/UNIX/:
MIMOS BHD                    |  Get out of the Windows, get into the
real world
-------------------------------------------------------------------------------

Follow-Ups:
- Re: IPFilter and ping
  - From: Matthew Patton <matthew.patton@ra.pae.osd.mil>
- Re: IPFilter and ping
  - From: Kjell Wooding <kwooding@codetalker.com>

Prev by Date: Re: OBSD 2.4 installation (solved)
Next by Date: Appletalk broken during 2.4 upgrade
Prev by thread: OpenBSD 2.4 = ISBN 0-9683637-2-5
Next by thread: Re: IPFilter and ping
Index(es):
- Date
- Thread