[lug] ping: sendto operation not permitted
David Anselmi
anselmi at anselmi.us
Tue Mar 23 21:59:31 MST 2004
Bill Gjestvang wrote:
> If I understand correctly, the firewall can't ping its own internal
> interface (eth1).
> Your OUTPUT policy is accept, but your INPUT policy is DROP, and you have
> nothing saying to allow packets related to what leaves via OUTPUT on the
> internal side.
It might also be your default NAT policy. The postrouting chain comes
after the output chain and applies to all packets, not just those on eth0.
The only time I've seen this error is when iptables is blocking packets.
If it were a routing problem you should get something like "no route
to host".
HTH,
Dave
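
Added example, not part of the original thread: a small checker that reads `iptables-save` output and reports which of the chains named above (OUTPUT, POSTROUTING, INPUT) have a DROP policy and no rule that could pass traffic on the interfaces in question. The ruleset is a constructed sample, not the original poster's, `audit` is a hypothetical helper name, and the matching is a simple heuristic that ignores negation, wildcards and user-defined chains.

```python
import re

# Chains named in the thread: a local ping leaves via OUTPUT and
# POSTROUTING, and the reply has to get back in through INPUT.
CHAINS = ("OUTPUT", "POSTROUTING", "INPUT")
BLOCKING = ("DROP", "REJECT", "LOG")   # targets that never pass a packet

# Constructed sample in iptables-save format (assumption, for illustration).
SAMPLE = """\
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
"""

def audit(ruleset, ifaces):
    """Return (table, chain) pairs with policy DROP and no rule that
    could pass a packet on any interface in `ifaces`."""
    table, drop_policy, passing = None, [], set()
    for line in ruleset.splitlines():
        line = line.strip()
        if line.startswith("*"):            # table header, e.g. *nat
            table = line[1:]
        elif line.startswith(":"):          # chain policy, e.g. :INPUT DROP [0:0]
            chain, policy = line[1:].split()[:2]
            if chain in CHAINS and policy == "DROP":
                drop_policy.append((table, chain))
        elif line.startswith("-A "):        # appended rule
            chain = line.split()[1]
            target = re.search(r"-j (\S+)", line)
            named = re.findall(r"(?:^| )-[io] (\S+)", line)
            # A rule helps only if it does not block and any interface
            # it names is one we are testing.
            if (target and target.group(1) not in BLOCKING
                    and all(n in ifaces for n in named)):
                passing.add((table, chain))
    return [tc for tc in drop_policy if tc not in passing]

if __name__ == "__main__":
    for table, chain in audit(SAMPLE, {"eth1", "lo"}):
        print(f"{table}/{chain}: policy DROP, nothing passes eth1/lo")
```

On a live system the input would come from `iptables-save` run as root; packet counters from `iptables -L -n -v` and `iptables -t nat -L -n -v` show which policy is actually being hit.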