Re: Is rl broken?

On Tue, 19 Aug 2003, John Reynolds~ wrote:

>
> This thread originally taken from the -stable mailing list, but I'm seeing
> weird things in -current now, so I thought I'd ask ....
>
> > I cvsup'd and rebuilt a FreeBSD 4.8 system last Friday after receiving the
> > realpath security advisory.  The machine is remote and the NIC uses the rl
> > driver.  After booting the machine I had no network connectivity.  The
> > person at the remote site says the boot was normal and he could see that the
> > NIC was properly configured but he could not ping it and I could not login.
> > We booted off kernel.old and everything came up fine.
> >
>
> I have a machine with an Intel nic using the fxp driver that is exhibiting the
> same sort of weirdness. I just installed 5.1-RELEASE on it after it was built
> and things were rock solid. I got my NIC configured to use DHCP in my LAN here
> at home, everything's fine. then I cvsup and buildworld/kernel (the same
> kernel config that an *identical* system on my LAN is using) and test out the
> new kernel before installkernel and dhclient seems to finish properly and the
> interface seems configured correctly with the correct IP. netstat -r shows the
> right stuff, but I can't even ping the NIC itself. It says
>
>  sendto: permission denied
>
> when I try to ping the NIC itself and *also* 127.0.0.1. If I revert back to the
> 5.1-RELEASE kernel with the same hardware and zero config changes, everything
> is hunky dory again. Sorry, I'm light on details--I need to do some more
> experiments and will cut-n-paste what I see, but I wanted to see if anybody
> else is experiencing anything oddball like this.

Sounds like you've put IPFIREWALL in your kernel without
IPFIREWALL_DEFAULT_TO_ACCEPT. Either add this to your kernel or add an
ipfw rule as allows:

ipfw add allow ip from any to any

Regards,

> Andre Guibert de Bruet | Enterprise Software Consultant >
> Silicon Landmark, LLC. | http://siliconlandmark.com/    >