[Firehol-support] Can't Broadcast

Costa Tsaousis costa at tsaousis.gr
Wed Oct 31 09:51:36 GMT 2007


Caleb Epstein wrote:
> When I have my firehol rules in place, the following Perl script fails 
> in the $sock->send call with an EPERM error:
>
> #!/usr/bin/perl
> use IO::Socket::INET;
> my $sock = new IO::Socket::INET (Proto => 'udp') or die "socket: $!\n";
> $sock->setsockopt (SOL_SOCKET, SO_BROADCAST, 1) or die "setsockopt: $!\n";
> my $addr = sockaddr_in (3483, inet_aton ('255.255.255.255'));
> $sock->send ('hello', 0, $addr) or die "send: $!\n";
>
> If I take down the firewall with 'firehol stop', the script executes 
> with no errors.  I am using a slightly modified version of the
> 'lan-gateway.conf' file that comes with the Debian package as my config.
>
> Looking at the kernel messages, it looks like no rules are matching 
> this traffic, so it's being dropped as 'OUT-unknown':
>
> Oct 30 15:52:46 tela kernel: 'OUT-unknown:'IN= OUT=eth1 SRC=<MY PUBLIC
> IP> DST=255.255.255.255 LEN=33 TOS=0x00
> PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=46762 DPT=3483 LEN=13
>
> Any suggestions on how I fix this?
>
You need to add "255.255.255.255" to the src parameter of your eth1 
interface.

Costa




