[Firehol-support] Can't Broadcast

Caleb Epstein caleb.epstein at gmail.com
Tue Oct 30 21:36:40 CET 2007


When I have my firehol rules in place, the following Perl script fails in
the $sock->send call with an EPERM error:

#!/usr/bin/perl
use IO::Socket::INET;
my $sock = new IO::Socket::INET (Proto => 'udp') or die "socket: $!\n";
$sock->setsockopt (SOL_SOCKET, SO_BROADCAST, 1) or die "setsockopt: $!\n";
my $addr = sockaddr_in (3483, inet_aton ('255.255.255.255'));
$sock->send ('hello', 0, $addr) or die "send: $!\n";

If I take down the firewall with 'firehol stop', the script executes with no
errors.  I am using a slightly modified version of the 'lan-gateway.conf'
file that comes with the Debian package as my config.

Looking at the kernel messages, it looks like no rules are matching this
traffic, so it's being dropped as 'OUT-unknown':

Oct 30 15:52:46 tela kernel: 'OUT-unknown:'IN= OUT=eth1 SRC=<MY PUBLIC IP>
DST=255.255.255.255 LEN=33 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP
SPT=46762 DPT=3483 LEN=13

Any suggestions on how I fix this?

-- 
Caleb Epstein