From: "Massimo S." Received: from [192.168.100.201] (HELO mail.2rosenthals.com) by 2rosenthals.com (CommuniGate Pro SMTP 5.4.10) with ESMTPS id 4890802 for ecs-isp@2rosenthals.com; Wed, 14 Sep 2022 14:29:32 -0400 Received: from secmgr-va.2rosenthals.com ([50.73.8.217]:38260 helo=mail2.2rosenthals.com) by mail.2rosenthals.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1oYX8T-0003Kp-0M for ecs-isp@2rosenthals.com; Wed, 14 Sep 2022 14:29:21 -0400 Received: from mail2.quasarbbs.net ([80.86.52.115]:10025) by mail2.2rosenthals.com with esmtp (Exim 4.95) (envelope-from ) id 1oYX8O-0004gN-1o for ecs-isp@2rosenthals.com; Wed, 14 Sep 2022 14:29:17 -0400 X-SASI-Hits: BODYTEXTP_SIZE_3000_LESS 0.000000, BODY_SIZE_2000_2999 0.000000, BODY_SIZE_5000_LESS 0.000000, BODY_SIZE_7000_LESS 0.000000, CTE_8BIT 0.000000, HTML_00_01 0.050000, HTML_00_10 0.050000, IN_REP_TO 0.000000, LEGITIMATE_SIGNS 0.000000, MSG_THREAD 0.000000, NO_CTA_URI_FOUND 0.000000, NO_URI_HTTPS 0.000000, REFERENCES 0.000000, REPLYTO_SAMEAS_FROM 0.000000, SENDER_NO_AUTH 0.000000, TO_IN_SUBJECT 0.500000, __ANY_URI 0.000000, __BODY_NO_MAILTO 0.000000, __BOUNCE_CHALLENGE_SUBJ 0.000000, __BOUNCE_NDR_SUBJ_EXEMPT 0.000000, __CT 0.000000, __CTE 0.000000, __CT_TEXT_PLAIN 0.000000, __DQ_NEG_DOMAIN 0.000000, __DQ_NEG_HEUR 0.000000, __DQ_NEG_IP 0.000000, __FORWARDED_MSG 0.000000, __FROM_DOMAIN_NOT_IN_BODY 0.000000, __FROM_NAME_NOT_IN_ADDR 0.000000, __FROM_NAME_NOT_IN_BODY 0.000000, __FUR_HEADER 0.000000, __HAS_FROM 0.000000, __HAS_MSGID 0.000000, __HAS_REFERENCES 0.000000, __HAS_REPLYTO 0.000000, __HEADER_ORDER_FROM 0.000000, __IN_REP_TO 0.000000, __MAIL_CHAIN 0.000000, __MIME_TEXT_ONLY 0.000000, __MIME_TEXT_P 0.000000, __MIME_TEXT_P1 0.000000, __MIME_VERSION 0.000000, __MOZILLA_USER_AGENT 0.000000, __MSGID_HEX_844412 0.000000, __NO_HTML_TAG_RAW 0.000000, __O365_FILTER_URI_ONLY 0.000000, __REFERENCES 0.000000, __REPLYTO_SAMEAS_FROM_ACC 0.000000, __REPLYTO_SAMEAS_FROM_ADDY 0.000000, __REPLYTO_SAMEAS_FROM_DOMAIN 0.000000, __SANE_MSGID 0.000000, __SUBJ_ALPHA_END 0.000000, __SUBJ_ALPHA_NEGATE 0.000000, __SUBJ_REPLY 0.000000, __TO_IN_SUBJECT 0.000000, __TO_MALFORMED_2 0.000000, __TO_NAME 0.000000, __TO_NAME_DIFF_FROM_ACC 0.000000, __TO_REAL_NAMES 0.000000, __URI_MAILTO 0.000000, __URI_NO_WWW 0.000000, __URI_NS 0.000000, __URI_NS_NXDOMAIN 0.000000, __USER_AGENT 0.000000 X-SASI-Probability: 9% X-SASI-RCODE: 200 X-SASI-Version: Antispam-Engine: 4.1.4, AntispamData: 2022.9.14.175419 X-SASI-Hits: BODYTEXTP_SIZE_3000_LESS 0.000000, BODY_SIZE_2000_2999 0.000000, BODY_SIZE_5000_LESS 0.000000, BODY_SIZE_7000_LESS 0.000000, CTE_8BIT 0.000000, HTML_00_01 0.050000, HTML_00_10 0.050000, IN_REP_TO 0.000000, LEGITIMATE_SIGNS 0.000000, MSG_THREAD 0.000000, NO_CTA_URI_FOUND 0.000000, NO_URI_HTTPS 0.000000, REFERENCES 0.000000, REPLYTO_SAMEAS_FROM 0.000000, TO_IN_SUBJECT 0.500000, __ANY_URI 0.000000, __AUTH_RES_PASS 0.000000, __BODY_NO_MAILTO 0.000000, __BOUNCE_CHALLENGE_SUBJ 0.000000, __BOUNCE_NDR_SUBJ_EXEMPT 0.000000, __CT 0.000000, __CTE 0.000000, __CT_TEXT_PLAIN 0.000000, __DQ_NEG_DOMAIN 0.000000, __DQ_NEG_HEUR 0.000000, __DQ_NEG_IP 0.000000, __FORWARDED_MSG 0.000000, __FROM_DOMAIN_NOT_IN_BODY 0.000000, __FROM_NAME_NOT_IN_ADDR 0.000000, __FROM_NAME_NOT_IN_BODY 0.000000, __FUR_HEADER 0.000000, __HAS_FROM 0.000000, __HAS_MSGID 0.000000, __HAS_REFERENCES 0.000000, __HAS_REPLYTO 0.000000, __HEADER_ORDER_FROM 0.000000, __IN_REP_TO 0.000000, __MAIL_CHAIN 0.000000, __MIME_TEXT_ONLY 0.000000, __MIME_TEXT_P 0.000000, __MIME_TEXT_P1 0.000000, __MIME_VERSION 0.000000, __MOZILLA_USER_AGENT 0.000000, __MSGID_HEX_844412 0.000000, __NO_HTML_TAG_RAW 0.000000, __O365_FILTER_URI_ONLY 0.000000, __REFERENCES 0.000000, __REPLYTO_SAMEAS_FROM_ACC 0.000000, __REPLYTO_SAMEAS_FROM_ADDY 0.000000, __REPLYTO_SAMEAS_FROM_DOMAIN 0.000000, __SANE_MSGID 0.000000, __SUBJ_ALPHA_END 0.000000, __SUBJ_ALPHA_NEGATE 0.000000, __SUBJ_REPLY 0.000000, __TO_IN_SUBJECT 0.000000, __TO_MALFORMED_2 0.000000, __TO_NAME 0.000000, __TO_NAME_DIFF_FROM_ACC 0.000000, __TO_REAL_NAMES 0.000000, __URI_MAILTO 0.000000, __URI_NO_WWW 0.000000, __URI_NS 0.000000, __URI_NS_NXDOMAIN 0.000000, __USER_AGENT 0.000000 X-SASI-Probability: 9% X-SASI-RCODE: 200 X-SASI-Version: Antispam-Engine: 4.1.4, AntispamData: 2022.9.14.175419 Received: from [192.168.10.199] (dtp [192.168.10.199]) by srv2 (Weasel v2.79) for ; 14 Sep 2022 20:29:19 Reply-To: ml@ecomstation.it Subject: Re: [eCS-ISP] IJ FW 4.2.2 ICMP not working To: eCS ISP Mailing List References: Organization: eComStation dot it Message-ID: <78f93993-6f5c-97ca-174f-c6d1f84c4ac7@ecomstation.it> Date: Wed, 14 Sep 2022 20:29:14 +0200 User-Agent: Mozilla/5.0 (OS/2; U; Warp 4.5; it-IT; rv:1.7.13) Gecko/20060424 Thunderbird/1.0.8 Mnenhy/0.7.4.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=iso-8859-15; format=flowed Content-Language: it-IT Content-Transfer-Encoding: 8bit Il 14/09/2022 18:42, Massimo S. ha scritto: > > > Il 14/09/2022 18:22, Massimo S. ha scritto: >> >> >> Il 03/09/2022 00:17, Steven Levine ha scritto: >>> In , on 09/02/22 >>>     at 11:09 PM, "Massimo S." said: >>> >>> Hi Massimo, >>> >>>> so i should try it without the gateway.exe process running >>> >>> That's what's been recommended. >>> >>>> are we sure that it will not give issues? >>> >>> Odd question.  How can anyone answer this question but you?  You have >>> provided almost zero information as to how the involved systems are >>> configured. >>> >>> To recap, what we know is >>> >>>   - you have a firewall system running ijfw with some set of rules >>>     running at level 4 >>>   - you have a client system the connects to the firewall system >>>   - the client system cannot ping systems on the WAN >>>   - the firwall system is 60KB away >>>   - the client system is somewhere undocumented >>> >>> Steven >> >> my ISP have analyzed the issue and we tried from a Lan's PC >> (under Injoy FW used as gateway) this: >> >> ping 1.1.1.1 -t >> >> they say: >> >> *only* the ICMP protocol that pass trough the FTTC router do not come from the firewall WAN/internet static >> public IP, but it comes from 10.2.x.y that it's the internal lan IP >> >> the ICMP protocol is not being natted by the firewall >> >> so this is an issue on my setup of injoy firewall, but i don't find how it can happens >> >> massimo > > > C-Enable-Ping >         Comment = "Enable ping", >         Protocol = ICMP, >         Rule-Action = Allow > > this rules have issue i've commented it on Injoy fw > and now the ISP sees ICMP coming from the right IP WAN/public/static > so the ICMP now is being correctly natted > > but, it still not work: > > C:\>ping 1.1.1.1 -t > > Esecuzione di Ping 1.1.1.1 con 32 byte di dati: > Richiesta scaduta. > > > massimo i've re-enabled the allow icmp rule and activated also the logs: [2022/09/14][18:41:01][00:Info][MSG:][allow-icmp][SRC:010.002.000.014][icmp][DST:001.001.001.001][Outgoing][IP][Unknown][SRC:mypc][DST:one.one.one.one] [2022/09/14][18:41:01][00:Info][MSG:][allow-icmp][SRC:001.001.001.001][icmp][DST:1.2.3.4][Incoming][IP][Unknown][SRC:one.one.one.one][DST:isp-internet.it] this is the rule details: Protocol = ICMP, Rule-Action = NAT, Log-Control = Enabled, Log-Mask = "date time severity message rule source prot dest direction packet_feature action_rule resolved_source resolved_dest", Log-File = "firewall/logs/icmp.log", Direction = Bidirectional (no change if i put Allow or NAT in the Rule-Action) massimo