id	summary	reporter	owner	description	type	status	resolution	keywords	cc	location
187	ProxyCope geen internet	huub		"Zelfde verschijnsel als bij ProxyDeClercq:
ProxyCope# fetch -o /dev/null http://www.nu.nl
...

ProxyCope# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
ping: sendto: Operation not permitted

Is er iets mis met de firewall regels?

ProxyCope# pfctl -s rules
No ALTQ support in kernel
ALTQ related functions disabled
pass out on sis0 all flags S/SA keep state (source-track rule, max-src-states 10)
pass on lo0 all flags S/SA keep state
block drop in all
pass in on sis0 inet proto tcp from any to 83.162.36.91 port = ssh flags S/SA keep state
pass in on sis1 inet proto tcp from 172.16.0.0/12 to 172.17.8.68 port = ssh flags S/SA keep state
pass in on sis1 inet proto tcp from 172.16.0.0/12 to 172.17.8.68 port = domain flags S/SA keep state
pass in on sis1 inet proto udp from 172.16.0.0/12 to 172.17.8.68 port = domain keep state
pass in on sis1 inet proto tcp from any to any port = http flags S/SA keep state
pass in on sis1 inet proto tcp from any to any port = https flags S/SA keep state
pass in on sis1 inet proto icmp from 172.16.0.0/12 to 172.17.8.68 keep state

Op ProxyPlantsoen (die het wel goed doet) zie ik:
ProxyPlantsoen# pfctl -s rules
No ALTQ support in kernel
ALTQ related functions disabled
block drop in on sis0 inet from any to 10.0.1.100
block drop in on sis1 inet from any to 172.17.169.66
pass in on sis1 inet proto tcp from 172.16.0.0/12 to any port = http flags S/SA keep state
pass in on sis1 inet proto tcp from 172.16.0.0/12 to any port = https flags S/SA keep state
pass out on sis1 all flags S/SA keep state
pass out on sis0 all flags S/SA keep state
block drop in on sis1 inet proto tcp from 172.16.0.0/12 to 172.17.169.66 port = http
block drop in on sis1 inet proto tcp from 172.16.0.0/12 to 172.17.169.66 port = https
pass in on sis1 inet proto udp from 172.16.0.0/12 to 172.17.169.66 port = domain keep state
pass in on sis1 inet proto udp from 172.16.0.0/12 to 172.17.169.66 port = ntp keep state
pass in on sis1 inet proto udp from 172.16.0.0/12 to 172.17.169.66 port = snmp keep state
pass in on sis1 inet proto udp from 172.16.0.0/12 to 172.17.169.66 port = 12345 keep state
pass in on sis1 inet proto tcp from 172.16.0.0/12 to 172.17.169.66 port = ssh flags S/SA keep state
pass in on sis1 inet proto tcp from 172.16.0.0/12 to 172.17.169.66 port = ntp flags S/SA keep state
pass in on sis1 inet proto tcp from 172.16.0.0/12 to 172.17.169.66 port = 3128 flags S/SA keep state
pass in on sis1 inet proto icmp from 172.16.0.0/12 to 172.17.169.66 keep state
pass in on sis0 inet proto tcp from any to 10.0.1.100 port = ssh flags S/SA keep state
pass in on sis0 inet proto udp from any to 10.0.1.100 port = snmp keep state
pass on sis0 inet from 10.0.0.0/8 to 172.16.0.0/12 flags S/SA keep state
pass on sis0 inet from 192.168.0.0/16 to 172.16.0.0/12 flags S/SA keep state
block drop on sis1 inet from 172.16.0.0/12 to 10.0.0.0/8
block drop on sis1 inet from 172.16.0.0/12 to 192.168.0.0/16
pass in on sis1 all flags S/SA keep state

?"	incident	closed	fixed			Generiek