apf vs. newly assigned IP address

If you try to ping/traceroute and get the message below, there are several places to look. First, disable the firewall; if it works again, then you know it’s the firewall, in this case APF. A call to “iptables -L -n” might help narrow down the root cause.

PING 173.x.x.x 56(84) bytes of data.
ping: sendmsg: Operation not permitted
ping: sendmsg: Operation not permitted
ping: sendmsg: Operation not permitted

Edit conf.apf

Switch this option off (from 1 to 0), then run “service apf restart”.

# Block all ipv4 address space marked reserved for future use (unassigned),
# such networks have no business talking on the Internet. However they may at
# some point become live address space. The USE_RD option further in this file
# allows for dynamic updating of this list on every full restart of APF. Refer
# to the 'internals/reserved.networks' file for listing of address space.
BLK_RESNET="0"
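
To confirm that the reserved list is what covers the newly assigned address, the check below looks an address up against such a list and reports the matching entries. It is an added example, not part of the original post or of APF; the file format (one IPv4 network per line, '#' for comments) and the sample entries are assumptions constructed for illustration.

```python
import ipaddress
import sys

# Constructed sample in the assumed format of internals/reserved.networks:
# one IPv4 network per line, '#' starting a comment. Not a real APF list.
SAMPLE_RESERVED = """\
# reserved / unassigned IPv4 space (constructed sample)
0.0.0.0/8
173.0.0.0/8     # stale: once unassigned, later allocated
192.0.2.0/24
240.0.0.0/4
not-a-network
"""


def parse_networks(lines):
    """Yield (line_number, network) for each parsable entry; skip comments and junk."""
    for lineno, raw in enumerate(lines, start=1):
        entry = raw.split("#", 1)[0].strip()
        if not entry:
            continue
        try:
            # strict=False accepts entries written with host bits set.
            yield lineno, ipaddress.ip_network(entry, strict=False)
        except ValueError:
            continue  # malformed line: ignore rather than abort the check


def blocking_entries(address, lines):
    """Return the (line_number, network) entries that contain the address."""
    ip = ipaddress.ip_address(address)
    return [(n, net) for n, net in parse_networks(lines) if ip in net]


if __name__ == "__main__":
    # Usage: check_reserved.py ADDRESS [path/to/reserved.networks]
    if len(sys.argv) < 2:
        sys.exit("usage: check_reserved.py ADDRESS [reserved.networks]")
    if len(sys.argv) > 2:
        with open(sys.argv[2]) as fh:
            source = fh.read().splitlines()
    else:
        source = SAMPLE_RESERVED.splitlines()
    hits = blocking_entries(sys.argv[1], source)
    for lineno, net in hits:
        print(f"{sys.argv[1]} is covered by {net} (line {lineno})")
    if not hits:
        print(f"{sys.argv[1]} is not in the reserved list")
```

If the address matches an entry, the list is out of date for that range, which is the situation the BLK_RESNET comment describes as address space that has become live.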

Comments (1)

  1. 5:33 pm, September 22, 2009, Anonymous

    Thank you so much. I was dumbfounded as to why apf was blocking this range.
