LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 07-01-2004, 04:22 PM   #1
JohnLocke
Member
 
Registered: Jun 2004
Location: Denver, Colorado
Distribution: Ubuntu
Posts: 221

Rep: Reputation: 30
MDK 9.2, Can't ping localhost but can ping outside world?


I originally began this topic on another thread, but I've made so many changes (I started over and got most things working) that I thought it would be better to begin again. The original thread can be seen at:

http://www.linuxquestions.org/questi...hreadid=198365

Ok, So I have a MDK 9.2 box hooked up on a LAN by a switch to a win 98SE box and a winXP box. I have enough working that I can SSH into the linux box, the linux box works as my web server, and the linux box can ping every machine out there (including web) but not itself.

I'm using shorewall and have the info argument turned on for every policy, but am not seeing anything logged in /var/log/messages for these pings. I get a "request timed out" if I try to ping from any other machine.

Strangely, I also have samba mostly set up and the windows machines can see the linux box, but can't connect to it. I set the ignore_all flag in sysctl.conf to 0 and have allowed icmp 8 and icmp echorequest (should be the same, but it's not working either way) to accept. I'm at a loss.

I also can't ping by hostname from the linux box, though that is working from the windows boxes (except for pinging the linux box, whose hostname they can't find).

route -n
Quote:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
ifconfig
Quote:
eth0 Link encap:Ethernet HWaddr 00:04:5A:7A:A1:A0
inet addr:192.168.1.3 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:27194 errors:0 dropped:0 overruns:0 frame:0
TX packets:27877 errors:203 dropped:0 overruns:0 carrier:406
collisions:0 txqueuelen:100
RX bytes:7986943 (7.6 Mb) TX bytes:2859387 (2.7 Mb)
Interrupt:5 Base address:0xd000

eth1 Link encap:Ethernet HWaddr 00:80:48:EE:8B:9C
inet addr:192.168.2.0 Bcast:192.168.2.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:17 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 b) TX bytes:5766 (5.6 Kb)
Interrupt:10 Base address:0xcc00

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:777 errors:0 dropped:0 overruns:0 frame:0
TX packets:777 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:79648 (77.7 Kb) TX bytes:79648 (77.7 Kb)
BTW, I'm not using eth1 currently. I'm hoping to set up a second subnet later, but for now, I just want to get this one working fully!
 
Old 07-01-2004, 04:26 PM   #2
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 64
Can you post the output from:
grep "" /proc/sys/net/ipv4/icmp_echo_ignore_*

and:
iptables -nL
 
Old 07-01-2004, 05:59 PM   #3
JohnLocke
Member
 
Registered: Jun 2004
Location: Denver, Colorado
Distribution: Ubuntu
Posts: 221

Original Poster
Rep: Reputation: 30
Ok, I think I see the problem, but now I'm unsure of the solution.

Both of those files are set to 1. They're zero in the sysctl.conf, but I guess I'm not running whichever command will actually refresh those values.

iptables -nL
Quote:
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
eth0_in all -- 0.0.0.0/0 0.0.0.0/0
eth1_in all -- 0.0.0.0/0 0.0.0.0/0
common all -- 0.0.0.0/0 0.0.0.0/0
LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:INPUT:REJECT:'
reject all -- 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy DROP)
target prot opt source destination
eth0_fwd all -- 0.0.0.0/0 0.0.0.0/0
eth1_fwd all -- 0.0.0.0/0 0.0.0.0/0
common all -- 0.0.0.0/0 0.0.0.0/0
LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:FORWARD:REJECT:'
reject all -- 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
fw2net all -- 0.0.0.0/0 0.0.0.0/0
all2all all -- 0.0.0.0/0 0.0.0.0/0
common all -- 0.0.0.0/0 0.0.0.0/0
LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:OUTPUT:REJECT:'
reject all -- 0.0.0.0/0 0.0.0.0/0

Chain all2all (4 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
newnotsyn tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp flags:!0x16/0x02
common all -- 0.0.0.0/0 0.0.0.0/0
LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:all2all:REJECT:'
reject all -- 0.0.0.0/0 0.0.0.0/0

Chain common (5 references)
target prot opt source destination
icmpdef icmp -- 0.0.0.0/0 0.0.0.0/0
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 state INVALID
REJECT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:137:139 reject-with icmp-port-unreachable
REJECT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:445 reject-with icmp-port-unreachable
reject tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:135
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:1900
DROP all -- 0.0.0.0/0 255.255.255.255
DROP all -- 0.0.0.0/0 224.0.0.0/4
reject tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:113
DROP all -- 0.0.0.0/0 192.168.1.255
DROP all -- 0.0.0.0/0 192.168.2.255

Chain dynamic (4 references)
target prot opt source destination

Chain eth0_fwd (1 references)
target prot opt source destination
dynamic all -- 0.0.0.0/0 0.0.0.0/0
all2all all -- 0.0.0.0/0 0.0.0.0/0

Chain eth0_in (1 references)
target prot opt source destination
dynamic all -- 0.0.0.0/0 0.0.0.0/0
net2fw all -- 0.0.0.0/0 0.0.0.0/0

Chain eth1_fwd (1 references)
target prot opt source destination
dynamic all -- 0.0.0.0/0 0.0.0.0/0
all2all all -- 0.0.0.0/0 0.0.0.0/0

Chain eth1_in (1 references)
target prot opt source destination
dynamic all -- 0.0.0.0/0 0.0.0.0/0
all2all all -- 0.0.0.0/0 0.0.0.0/0

Chain fw2net (1 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
newnotsyn tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp flags:!0x16/0x02
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpts:137:139
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:53
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8
LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:fw2net:ACCEPT:'
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0

Chain icmpdef (1 references)
target prot opt source destination

Chain net2fw (1 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
newnotsyn tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp flags:!0x16/0x02
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpts:137:139
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8
common all -- 0.0.0.0/0 0.0.0.0/0
LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:net2fw:REJECT:'
reject all -- 0.0.0.0/0 0.0.0.0/0

Chain newnotsyn (3 references)
target prot opt source destination
DROP all -- 0.0.0.0/0 0.0.0.0/0

Chain reject (7 references)
target prot opt source destination
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable

Chain shorewall (0 references)
target prot opt source destination
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Can't ping localhost (ping: sendto: Operation not permitted) mentor99us Linux - Networking 7 09-05-2012 02:11 PM
Strange Ping Issue - Can't ping localhost but can ping others on LAN code_slinger Linux - Networking 13 03-17-2011 02:47 AM
Can't ping with XP, can't ping localhost bozoka45 Mandriva 4 06-13-2005 04:23 AM
Cannot ping the outside world?? m0nk3yb0y Linux - Networking 7 10-11-2004 11:39 PM
New RH9 can not ping outside world.... jwyant Linux - Networking 3 06-11-2003 09:46 PM


All times are GMT -5. The time now is 11:26 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration