Problem with Google URLs not loading?

Randal Hicks rhicks41 at tampabay.rr.com
Wed Mar 5 22:51:45 PST 2008 

>
> On the Mac that connects the wireless LAN to the rest of the LAN  
> and Internet:
>
>> 00010 0 0 divert 8668 ip from any to any via en0
>> 01000 0 0 allow ip from any to any via lo0
>> 01010 0 0 deny ip from any to 127.0.0.0/8
>> 01020 0 0 deny ip from 224.0.0.0/4 to any in
>> 01030 0 0 deny tcp from any to 224.0.0.0/4 in
>> 12300 0 0 allow tcp from any to any established
>> 12301 0 0 allow tcp from any to any out
>> 12302 0 0 allow tcp from any to any dst-port 22
>> 12302 0 0 allow udp from any to any dst-port 22
>> 12303 0 0 allow udp from any to any out keep-state
>> 12304 0 0 allow tcp from any to any dst-port 53 out keep-state
>> 12304 0 0 allow udp from any to any dst-port 53 out keep-state
>> 12305 0 0 allow udp from any to any in frag
>> 12306 0 0 allow tcp from any to any dst-port 311
>> 12307 0 0 allow tcp from any to any dst-port 625
>> 12308 0 0 allow udp from any to any dst-port 626
>> 12309 0 0 allow icmp from any to any icmptypes 8
>> 12310 0 0 allow icmp from any to any icmptypes 0
>> 12311 0 0 allow igmp from any to any
>> 65534 0 0 deny ip from any to any
>> 65535 0 0 allow ip from any to any
>
> Nothing looks specific enough for the Google problem.  Not sure  
> what the 224.0.0.0 is about but the rest looks pretty generic.
>
> And although our ADSL modem/router (Draytek 2600 Plus) does have  
> content filtering, and a firewall, nothing is on in the content  
> filtering and the firewall is normal(?).
>
> As mentioned, we also have no problems on the wired part of the LAN.
>
> Still bamboozled.
>
> Cheers,
> Ashley.
>

Hi Ashley,

Still bamboozled?

Your ipfw table shows all zeroed counters so it looks like you aren't  
even using ipfw.
224.0.0.0 entries deal with multicast -- Reasons for the deny is to  
prevent Denial Of Service attacks.

http://tools.ietf.org/html/draft-iana-special-ipv4-05
    224.0.0.0/4 - This block, formerly known as the Class D address
    space, is allocated for use in IPv4 multicast address assignments.
    The IANA guidelines for assignments from this space are described
    in [RFC3171].

Regards,
Randal

More information about the MacOSX-admin mailing list