I think it's my firewall blocking them going _out_ because when I take the firewall offline both ping and traceroute work fine. Ping works on localhost, though traceroute does not when the firewall is up. Unfortunetly I am too new at both debian and firewalling to know where I went wrong. I'm trying to set it up so I can ping and traceroute to other boxes but other 'bad' boxes can't do it to me. What information can I follow this msg up with that will be helpful?
I call the firewall from /etc/rc2.d/S90firewall_up which is just a sym link to /etc/init.d/firewall_up. On a side note, when I added the logging line: $IPT -A Firewall -j LOG --log-level info --log-prefix "Firewall:" It produces a TON of the following as fast as it can put them in the log file. How do I read this and even more importantly how can I make it log the "rejects" properly so that I can actually catch people trying to scan the box etc. Oct 1 13:28:11 stimpy kernel: Firewall:IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:20:78:cb:ce:05:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=576 TOS=0x00 PREC=0x00 TTL=64 ID=2 PROTO=UDP SPT=68 DPT=67 LEN=556 If it would help I can attach the actual firewall script.
