# netstat -antp | grep apach
tcp0 0 192.168.1.250:800.0.0.0:*
LISTEN 25577/apache2
# tcpdump -n -i eth0 host 192.168.1.6 and port not 22
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size
>ssh works.
routing should be ok then.
>Connection from the same client to a third gentoo box
>running a webserver works.
what about connecting to the webserver from that third gentoo box?
>Anyone seen this behavior? There's no iptables,
you did check that on both machines, didn't you?
what a
On Thu, Sep 22, 2011 at 10:12 PM, Jonas de Buhr wrote:
>>ssh works.
>
> routing should be ok then.
>
>>Connection from the same client to a third gentoo box
>>running a webserver works.
>
> what about connecting to the webserver from that third gentoo box?
Same ICMP response, so its not a client
On Thu, Sep 22, 2011 at 8:25 AM, Adam Carter wrote:
> On Thu, Sep 22, 2011 at 10:12 PM, Jonas de Buhr wrote:
>>>ssh works.
>>
>> routing should be ok then.
>>
>>>Connection from the same client to a third gentoo box
>>>running a webserver works.
>>
>> what about connecting to the webserver from t
On 22 September 2011 12:39, Adam Carter wrote:
> # tcpdump -n -i eth0 host 192.168.1.6 and port not 22
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
> 21:10:57.011994 IP 192.168.1.6.46161 > 192.1
>> what about connecting to the webserver from that third gentoo box?
>
>Same ICMP response, so its not a client side issue.
yep.
>No iptables on any of the boxes. No tcpwrappers.
is there anything in between on the network?
does traceroute show anything unusual?
what happens if you try to co
> It's not the ICMP that is being prohibited.
Understood, that's clear from the packet trace.
> is an ICMP "host unreachable" response from .250. The extended reason
> for the unreachability is that there is an administrative policy
> preventing the traffic. It almost certainly *is* a firewall t
> is there anything in between on the network?
Just a billion switch
> does traceroute show anything unusual?
Nothing to trace - same subnet
> what happens if you try to connect to a closed port (81 for example)?
I get the expected TCP reset.
> strace output? Which syscall is actually failing, and with what error code?
What would I trace? Why do you think the information provided suggests
a syscall failing?
On Thu, Sep 22, 2011 at 7:14 PM, Adam Carter wrote:
>> strace output? Which syscall is actually failing, and with what error code?
>
> What would I trace? Why do you think the information provided suggests
> a syscall failing?
Misread your original post.
--
:wq
On Friday 23 Sep 2011 00:10:31 Adam Carter wrote:
> > is there anything in between on the network?
>
> Just a billion switch
which is running a firewall?
(The tcpdump shows a firewall is in play on 192.168.1.250).
--
Regards,
Mick
signature.asc
Description: This is a digitally signed m
>> Just a billion switch
>
> which is running a firewall?
>
> (The tcpdump shows a firewall is in play on 192.168.1.250).
The firewall's disabled, and should only be in play if the packet gets
routed from what I understand. These packets are being switched. I
guess I should connect the hosts
>The devices are connected, there's only a switch between them (a
>billion ADSL router).
wait... billion as in "billion the company"? and
you are using your router as a switch?
please connect the two computers without any switch (crossover cable if
they aren't 1000mbit) and try again. maybe the r
On Sep 23, 2011 6:11 AM, "Adam Carter" wrote:
>
> > It's not the ICMP that is being prohibited.
>
> Understood, that's clear from the packet trace.
>
> > is an ICMP "host unreachable" response from .250. The extended reason
> > for the unreachability is that there is an administrative policy
> >
> Can you post the outputs of 'iptables-save' and 'ip rule show'?
# iptables-save
# Generated by iptables-save v1.4.12.1 on Sat Sep 24 02:57:42 2011
*nat
:PREROUTING ACCEPT [239188:15840835]
:INPUT ACCEPT [230129:15089630]
:OUTPUT ACCEPT [265028:20043915]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -s
On Fri, Sep 23, 2011 at 9:24 PM, Jonas de Buhr wrote:
>>The devices are connected, there's only a switch between them (a
>>billion ADSL router).
>
> wait... billion as in "billion the company"? and
> you are using your router as a switch?
Yeah - this is just at home. The router has a 4 port switc
On 09/23/2011 10:06 AM, Adam Carter wrote:
> Will gig negotiate auto cross over on a straight cable? I have a cross
> over i can use, but since you mentioned gig
Yes. GigE is always auto-mdi by definition.
On Sep 24, 2011 12:05 AM, "Adam Carter" wrote:
>
> > Can you post the outputs of 'iptables-save' and 'ip rule show'?
>
> # iptables-save
> # Generated by iptables-save v1.4.12.1 on Sat Sep 24 02:57:42 2011
> *nat
[snip]
> -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination
10.0.0.254
18 matches
Mail list logo
