Hisashi T Fujinaka wrote: > OK, so if anyone can help, here's my problem. I can't ping my machine at > home. I have the following rules: > > pass out on le0 proto icmp from any to any keep state > pass in quick on le0 proto icmp from any to x.x.x.x/32
Shouldn't you be using keep state on the incoming packet: pass in quick on le0 proto icmp from any to x.x.x.x/32 keep state That way, you don't need the pass out rule. Frank > > And pinging from outside the logs show: > > Sep 28 23:21:14 fls ipmon[137]: 23:21:13.930960 le0 @0:67 p outside[y.y.y.y] -> > gateway[x.x.x.x] PR icmp len 20 84 icmp echo/0 IN > Sep 28 23:21:14 fls ipmon[137]: 23:21:13.931469 le0 @0:46 b gateway[x.x.x.x] -> > outside[y.y.y.y] PR icmp len 20 84 icmp echoreply/0 K-S OUT > > The rules haven't changed and the box used to be pingable. I don't know > if a misconfigured rule is now being enforced or something. > > Any help would be greatly appreciated. > > -- > Hisashi T Fujinaka - [EMAIL PROTECTED] > BSEE(6/86) + BSChem(3/95) + BAEnglish(8/95) + MSCS(8/03) + $2.50 = latte >
