Ping: sendto: Operation not permitted



  • I noticed a kind of internet "brownout" last night. My pfSense box won't talk to random internet hosts. For instance Microsoft.com would hang, while Google.com would come right up. It seemed a large swath of the internet was inaccessible.

    I've seen backbone issues like that before, so I thought nothing of it until I investigated further this morning. The hosts I can't hit on my primary pfSense box I can hit with my backup box. They're both on the same Comcast cable connection.

    For instance on the "broken" one:

    ping 66.119.205.8

    PING 66.119.205.8 (66.119.205.8): 56 data bytes
    ping: sendto: Operation not permitted
    ping: sendto: Operation not permitted
    ping: sendto: Operation not permitted

    On the working one:
    PING 66.119.205.8 (66.119.205.8): 56 data bytes
    64 bytes from 66.119.205.8: icmp_seq=0 ttl=56 time=40.524 ms
    64 bytes from 66.119.205.8: icmp_seq=1 ttl=56 time=52.579 ms
    64 bytes from 66.119.205.8: icmp_seq=2 ttl=56 time=46.913 ms

    What does "operation not permitted" mean? Kind of weird…



  • Hmm… this may have been Snort related.

    I turned off Snort to eliminate that possibility, but I'm guessing that didn't actually remove any existing firewall rules. I just cleared out all the blocks and restarted Snort, and it's working for now.
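
Added example, not part of the original posts: a script that checks whether a destination is covered by an entry in Snort's block table, including network (CIDR) entries. It assumes the pfSense Snort package keeps its blocks in the pf table `snort2c`; the table contents are a constructed sample and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample of `pfctl -t snort2c -T show` output (not from the thread).
SAMPLE_TABLE='   66.119.205.8
   198.51.100.0/24
   203.0.113.77'

# Convert a dotted-quad IPv4 address to an integer.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# Read table entries on stdin; print the first entry covering IPv4 address $1.
# Exit status 0 = blocked, 1 = not in table.
blocking_entry() {
    target=$(ip_to_int "$1")
    while read -r entry; do
        case $entry in
            ''|*:*) continue ;;                       # blank line or IPv6 entry
            */*) net=${entry%/*}; bits=${entry#*/} ;; # network entry
            *)   net=$entry; bits=32 ;;               # single host
        esac
        mask=$(( (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF ))
        if [ $(( target & mask )) -eq $(( $(ip_to_int "$net") & mask )) ]; then
            echo "$entry"
            return 0
        fi
    done
    return 1
}

# Report each address against the sample table.
check_hosts() {
    for ip in "$@"; do
        if hit=$(printf '%s\n' "$SAMPLE_TABLE" | blocking_entry "$ip"); then
            echo "$ip BLOCKED by table entry $hit"
        else
            echo "$ip not in table"
        fi
    done
}

check_hosts 66.119.205.8 198.51.100.23 192.0.2.10
# On the firewall, feed the live table instead of the sample:
#   pfctl -t snort2c -T show | blocking_entry 66.119.205.8
#   pfctl -t snort2c -T delete 66.119.205.8   # remove only that block
```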

