Ping: sendto: Operation not permitted
-
I noticed a kind of internet "brownout" last night. My pfSense box won't talk to random internet hosts. For instance Microsoft.com would hang, while Google.com would come right up. It seemed a large swath of the internet was inaccessible.
I've seen backbone issues like that before, so I thought nothing of it until I investigated further this morning. The hosts I can't hit on my primary pfSense box I can hit with my backup box. They're both on the same Comcast cable connection.
For instance on the "broken" one:
ping 66.119.205.8
PING 66.119.205.8 (66.119.205.8): 56 data bytes
ping: sendto: Operation not permitted
ping: sendto: Operation not permitted
ping: sendto: Operation not permitted
On the working one:
PING 66.119.205.8 (66.119.205.8): 56 data bytes
64 bytes from 66.119.205.8: icmp_seq=0 ttl=56 time=40.524 ms
64 bytes from 66.119.205.8: icmp_seq=1 ttl=56 time=52.579 ms
64 bytes from 66.119.205.8: icmp_seq=2 ttl=56 time=46.913 ms
What does "operation not permitted" mean? Kind of weird…
-
Hmm… this may have been Snort related.
I turned off Snort to eliminate that possibility, but I'm guessing that didn't actually remove any existing firewall rules. I just cleared out all the blocks and restarted Snort, and it's working for now.