I immediately found several plausible examples of what to put in
the firewall rules file and the following rules were set just
after the local loopback address:

ip="139.78.2.13"

        setup_loopback

        # Allow traceroute to function, but not to get in.
        ${fwcmd} add unreach port udp from any to ${ip} 33435-33524
        # Allow some inbound icmps - echo reply, dest unreach, source quench,
        # echo, ttl exceeded.
        ${fwcmd} add allow icmp from any to any icmptypes 0,3,4,8,11

        My thanks to previous posters for these rules. I still,
however, only get

 *traceroute: sendto: Permission denied
traceroute: wrote 192.168.1.125 52 chars, ret=-1

        I also did try:

sysctl net.inet.udp.blackhole=0

then 1 and even 2 with no change.

        What else should I look at? The firewall rules are
otherwise working as they should.

        Thank you.

Martin McCormick