[Firehol-support] Why this ICMP call is blocked?

Kari Lempiainen lemppari at iki.fi
Mon Feb 23 21:15:15 GMT 2015


I feel stupid. I have a short program which sends a "Wake On Lan" packet to
a computer in my local network. Protocol is ICMP. The sending computer is and target is When I run my program I get “sendto:
Operation not permitted” and the syslog tells me this:

'firehol: 'OUT-myif1':'IN= OUT=eth0 SRC= DST= LEN=122
TOS=0x00 PREC=0x00 TTL=64 ID=52172 DF PROTO=ICMP TYPE=255 CODE=255

In my firehol.conf file I have:

interface eth0 myif1 src "" dst

policy drop

[lines removed]

client all accept

Why the packet is dropped? Doesn’t "client all accept” mean that can send anything?


More information about the Firehol-support mailing list