LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 08-02-2003, 03:42 PM   #1
Thermodynamic
Member
 
Registered: Apr 2003
Posts: 63

Rep: Reputation: 15
Question My linux box can't ping to my windows boxes!


Hi there! I am running a tiny home network via the TCP/IP protocol.

I have no server (yet) so I am manually assigning IP addresses to my boxes.

My Linux box is 192.168.0.2

The Windows box I want to connect to is 192.168.0.4

I get 'destination unreachable' messages when I try to ping to 192.168.0.4 from the Linux box. Pinging to 192.168.0.2 from the Windows box gets the same result.

I have another Windows box, 192.168.0.6, which the other windows box can see just fine.

I'm positive it's my linux box that's not right.

When I boot the Linux box, the messages fly by but I do see that "eth0" is initialized properly.

My Linux box config:

Abit NF7 mobo (whose integrated nforce2 NIC I am using to communicate and I downloaded and installed the newest drivers from nvidia's site)

AMD Athlon 2100+ CPU o/c'ed to 2700+

1GB RAM

WD 40GB HD

SuSE Linux 8.2 Pro using SuSE Firewall2

I don't know how to configure the firewall to accept transmissions from 192.168.0.4 or 192.168.0.6 in the internal network while blocking everything else out.

Any help would be appreciated.

Thanks in advance!
 
Old 08-02-2003, 04:29 PM   #2
nakkaya
Guru
 
Registered: Jan 2003
Location: Turkey&USA
Distribution: Emacs and linux is its device driver(Slackware,redhat)
Posts: 1,398

Rep: Reputation: 45
did you give the same subnet mask to the machines to tell them that they are on the same network
 
Old 08-02-2003, 05:11 PM   #3
antken
Member
 
Registered: Nov 2000
Location: england
Distribution: latest Mandrake
Posts: 368

Rep: Reputation: 30
hello,

what version of windows are you using? are you running any versions of any firewall on windows? i.e. zonealarm, or microsofts one?

just a few other things to check

1. i assume that your using a hub for your network ( cat5 ? ) make sure that you get a link light on either your hub or on the linux pc, if not get your cable checked out

2. login as root, and type: ifconfig is eth0 listed and how many packets are you getting in and out? any errors? ( list the output if your unsure )

3. you mention your windows boxes cannot see your linux boxes and you cannot ping them, try pointing your windows web browser at you linux box, do you get anything? ( all this is provided that you have a web server running on the linux box )

4. login as root and check your firewall, by typing:

iptables -L

this will list the rule tables, please list the contents here and we can do through it together

let us know what your results are

thanks
antken
 
Old 08-02-2003, 07:14 PM   #4
Thermodynamic
Member
 
Registered: Apr 2003
Posts: 63

Original Poster
Rep: Reputation: 15
Hmmm...

Both MS boxes are WinXP.

I apologize for my miscommunication; the win boxes can see each other but not the linux box. The linux box cannot see the win boxes. The linux box seems to be completely isolated.

I do have the same subnet mask (255.255.255.0) for all three.

Cat 5 cable is standard.

I am a Linux newbie. I originally wanted to check the configuration for link speed to make sure it's set properly (and that could be it) but I can't find a thing and SuSE's graphical config program has nothing on this.

Here is ifconfig's info on the eth0 adapter:


eth0 Link encap:Ethernet HWaddr 00:50:8D:4C:3E:E0
inet addr:192.168.0.4 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::250:8dff:fe4c:3ee0/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 b) TX bytes:2896 (2.8 Kb)
Interrupt:11



Here is the result from iptables -L, but it's quite long... Thanks!


linux:/home/dpcole7 # iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
LOG all -- loopback/8 anywhere LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ANTI-SPOOFING '
LOG all -- anywhere loopback/8 LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ANTI-SPOOFING '
DROP all -- loopback/8 anywhere
DROP all -- anywhere loopback/8
LOG all -- linux.local anywhere LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ANTI-SPOOFING '
DROP all -- linux.local anywhere
input_int all -- anywhere linux.local
DROP all -- anywhere 192.168.0.255
DROP all -- anywhere 255.255.255.255
LOG all -- anywhere anywhere LOG level warning tcp-options ip-options prefix `SuSE-FW-ILLEGAL-TARGET '
DROP all -- anywhere anywhere

Chain FORWARD (policy DROP)
target prot opt source destination
TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
ACCEPT all -- anywhere anywhere
forward_int all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level warning tcp-options ip-options prefix `SuSE-FW-ILLEGAL-ROUTING '
DROP all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state NEW,RELATED,ESTABLISHED
LOG all -- anywhere anywhere LOG level warning tcp-options ip-options prefix `SuSE-FW-FORWARD-ERROR '

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
LOG icmp -- anywhere anywhere icmp time-exceeded LOG level warning tcp-options ip-options prefix `SuSE-FW-TRACEROUTE-ATTEMPT '
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp port-unreachable
ACCEPT icmp -- anywhere anywhere icmp fragmentation-needed
ACCEPT icmp -- anywhere anywhere icmp network-prohibited
ACCEPT icmp -- anywhere anywhere icmp host-prohibited
ACCEPT icmp -- anywhere anywhere icmp communication-prohibited
DROP icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT all -- anywhere anywhere state NEW,RELATED,ESTABLISHED
LOG all -- anywhere anywhere LOG level warning tcp-options ip-options prefix `SuSE-FW-OUTPUT-ERROR '

Chain forward_dmz (0 references)
target prot opt source destination
LOG all -- 192.168.0.0/24 anywhere LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ANTI-SPOOF '
DROP all -- 192.168.0.0/24 anywhere
LOG all -- anywhere linux.local LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-CIRCUMVENTION '
DROP all -- anywhere linux.local
ACCEPT icmp -- anywhere anywhere state RELATED icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp echo-reply
ACCEPT all -- anywhere anywhere state NEW,RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
LOG tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp source-quench LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp redirect LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp echo-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp timestamp-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp address-mask-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG udp -- anywhere anywhere LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG all -- anywhere anywhere state INVALID LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP all -- anywhere anywhere

Chain forward_ext (0 references)
target prot opt source destination
LOG all -- 192.168.0.0/24 anywhere LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ANTI-SPOOF '
DROP all -- 192.168.0.0/24 anywhere
LOG all -- anywhere linux.local LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-CIRCUMVENTION '
DROP all -- anywhere linux.local
ACCEPT icmp -- anywhere anywhere state RELATED icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp echo-reply
ACCEPT all -- anywhere anywhere state NEW,RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
LOG tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp source-quench LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp redirect LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp echo-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp timestamp-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp address-mask-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG udp -- anywhere anywhere LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG all -- anywhere anywhere state INVALID LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP all -- anywhere anywhere

Chain forward_int (1 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere state RELATED icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp echo-reply
ACCEPT all -- anywhere anywhere state NEW,RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
LOG tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp source-quench LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp redirect LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp echo-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp timestamp-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp address-mask-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG udp -- anywhere anywhere LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG all -- anywhere anywhere state INVALID LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP all -- anywhere anywhere

Chain input_dmz (0 references)
target prot opt source destination
LOG all -- 192.168.0.0/24 anywhere LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ANTI-SPOOF '
DROP all -- 192.168.0.0/24 anywhere
ACCEPT icmp -- anywhere anywhere icmp echo-request
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp echo-reply
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp time-exceeded
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp parameter-problem
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp timestamp-reply
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp address-mask-reply
LOG icmp -- anywhere anywhere icmp redirect LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- anywhere anywhere icmp source-quench LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- anywhere anywhere icmp timestamp-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- anywhere anywhere icmp address-mask-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- anywhere anywhere icmp type 2 LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
DROP icmp -- anywhere anywhere
reject_func tcp -- anywhere anywhere tcp dpt:ident flags:SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp dpt:ssh flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP '
DROP tcp -- anywhere anywhere tcp dpt:ssh flags:SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp dpt:sunrpc flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP '
DROP tcp -- anywhere anywhere tcp dpt:sunrpc flags:SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp dpt:ipp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP '
DROP tcp -- anywhere anywhere tcp dpt:ipp flags:SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp dpt:swat flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP '
DROP tcp -- anywhere anywhere tcp dpt:swat flags:SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp dpt:x11 flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP '
DROP tcp -- anywhere anywhere tcp dpt:x11 flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere state ESTABLISHED tcp dpts:ipcserver:65535 flags:!SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere state ESTABLISHED tcp dpt:ftp-data flags:!SYN,RST,ACK/SYN
DROP udp -- anywhere anywhere udp dpt:ssh
DROP udp -- anywhere anywhere udp dpt:sunrpc
DROP udp -- anywhere anywhere udp dpt:sunrpc
DROP udp -- anywhere anywhere udp dpt:netbios-ns
DROP udp -- anywhere anywhere udp dpt:netbios-dgm
DROP udp -- anywhere anywhere udp dpt:ipp
DROP udp -- anywhere anywhere udp dpt:ipp
DROP udp -- anywhere anywhere udp dpt:smpnameres
DROP udp -- anywhere anywhere udp dpt:x11
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED udp dpts:1024:65535
LOG tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp source-quench LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp redirect LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp echo-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp timestamp-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp address-mask-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG udp -- anywhere anywhere LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG all -- anywhere anywhere state INVALID LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP all -- anywhere anywhere

Chain input_ext (0 references)
target prot opt source destination
LOG all -- 192.168.0.0/24 anywhere LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ANTI-SPOOF '
DROP all -- 192.168.0.0/24 anywhere
ACCEPT icmp -- anywhere anywhere icmp echo-request
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp echo-reply
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp time-exceeded
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp parameter-problem
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp timestamp-reply
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp address-mask-reply
LOG icmp -- anywhere anywhere icmp redirect LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- anywhere anywhere icmp source-quench LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- anywhere anywhere icmp timestamp-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- anywhere anywhere icmp address-mask-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- anywhere anywhere icmp type 2 LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
DROP icmp -- anywhere anywhere
reject_func tcp -- anywhere anywhere tcp dpt:ident flags:SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp dpt:ssh flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP '
DROP tcp -- anywhere anywhere tcp dpt:ssh flags:SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp dpt:sunrpc flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP '
DROP tcp -- anywhere anywhere tcp dpt:sunrpc flags:SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp dpt:ipp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP '
DROP tcp -- anywhere anywhere tcp dpt:ipp flags:SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp dpt:swat flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP '
DROP tcp -- anywhere anywhere tcp dpt:swat flags:SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp dpt:x11 flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP '
DROP tcp -- anywhere anywhere tcp dpt:x11 flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere state ESTABLISHED tcp dpts:ipcserver:65535 flags:!SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere state ESTABLISHED tcp dpt:ftp-data flags:!SYN,RST,ACK/SYN
DROP udp -- anywhere anywhere udp dpt:ssh
DROP udp -- anywhere anywhere udp dpt:sunrpc
DROP udp -- anywhere anywhere udp dpt:sunrpc
DROP udp -- anywhere anywhere udp dpt:netbios-ns
DROP udp -- anywhere anywhere udp dpt:netbios-dgm
DROP udp -- anywhere anywhere udp dpt:ipp
DROP udp -- anywhere anywhere udp dpt:ipp
DROP udp -- anywhere anywhere udp dpt:smpnameres
DROP udp -- anywhere anywhere udp dpt:x11
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED udp dpts:1024:65535
LOG tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp source-quench LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp redirect LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp echo-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp timestamp-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp address-mask-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG udp -- anywhere anywhere LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG all -- anywhere anywhere state INVALID LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP all -- anywhere anywhere

Chain input_int (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp echo-request
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp echo-reply
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp time-exceeded
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp parameter-problem
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp timestamp-reply
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp address-mask-reply
LOG icmp -- anywhere anywhere icmp redirect LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- anywhere anywhere icmp source-quench LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- anywhere anywhere icmp timestamp-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- anywhere anywhere icmp address-mask-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
LOG icmp -- anywhere anywhere icmp type 2 LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-ICMP-CRIT '
DROP icmp -- anywhere anywhere
reject_func tcp -- anywhere anywhere tcp dpt:ident flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere state ESTABLISHED tcp dpts:ipcserver:65535 flags:!SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere state ESTABLISHED tcp dpt:ftp-data flags:!SYN,RST,ACK/SYN
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED udp dpts:1024:65535
LOG tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp source-quench LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp redirect LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp echo-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp timestamp-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG icmp -- anywhere anywhere icmp address-mask-request LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG udp -- anywhere anywhere LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT '
LOG all -- anywhere anywhere state INVALID LOG level warning tcp-options ip-options prefix `SuSE-FW-DROP-DEFAULT-INVALID '
DROP all -- anywhere anywhere

Chain reject_func (3 references)
target prot opt source destination
REJECT tcp -- anywhere anywhere reject-with tcp-reset
REJECT udp -- anywhere anywhere reject-with icmp-port-unreachable
REJECT all -- anywhere anywhere reject-with icmp-proto-unreachable

 
Old 08-02-2003, 07:49 PM   #5
antken
Member
 
Registered: Nov 2000
Location: england
Distribution: latest Mandrake
Posts: 368

Rep: Reputation: 30
wow,

such a big firewall setup!

XP - yuk yuk yuk

first i need to ask you, is this machine directly internet connected?

if not its not directly connected to your internet connection, i ( personally ) would recommend flushing your firewall script compleatly and starting from scratch

your firewall has this line in the output table:
DROP icmp -- anywhere anywhere icmp destination-unreachable

basically its dropping all icmp trafic ( Ping, traceroute ) coming from anywhere going to anywhere and give the destination unreachable error back to the program

however there are two options either my previous one ( blank the lot and reset it ( IF its not internet connected ) or we can try and pick through the current setup

to blank it you can do the following as root:
iptables -F
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT

that will leave you with no firewall, caution is advised, linux questions and i are not reponsible if you machine gets broken becuase of some hacker ( sorry i have to metion it but its silly to be directly connected to the web and have no firewall )

for now i will suggest trying that, if you get a response from the pings we know its the firewall, and we can start going through it bit by bit








also looking at the out put of ifconfig i see that the card is receiving no packets, no you'v either just switched the box on or the card is broken

also its nice to see some ipv6 out there
 
Old 08-02-2003, 08:09 PM   #6
Thermodynamic
Member
 
Registered: Apr 2003
Posts: 63

Original Poster
Rep: Reputation: 15
Yup, it's directly connected to the internet (via the 56k modem).

I did what you said and looked at the iptables config to verify those were the only instructions. Then I tried pinging back to my XP boxes. Still no go, "destination is unreachable".

I reconfigured SuSEFirewall2 before reconnecting to the 'net. So I'm back where I started.

I still think there might a problem between what the switch sees as the connection (100Mb/full duplex) and what Linux is thinking. I had a similar problem with Windows once, but I'm still more familiar with Windows... :-( But that aside, what else could be wrong?

I am tempted to put in the other ethernet adapter just to see if it works. It could possibly be the jack on the mobo that doesn't work and I've never twisted the cable to the point where it would have gone bad, though I should test it anyway.

Thanks for your help so far!
 
Old 08-03-2003, 09:12 AM   #7
antken
Member
 
Registered: Nov 2000
Location: england
Distribution: latest Mandrake
Posts: 368

Rep: Reputation: 30
hummm intresting

one last thing you could try before you do the card, flush the firewall rules again and check on your XP boxes to see if you have microsofts firewall thing active if you do switch it off and then try pinging back to the windows box.

also after flushing the firewall try pinging the linux box again from a windows box, after doing that, successful or not, go to the linux box, log in as root and run ifconfig has the received and transmitted packects gone up?

also after flushing the firewall, as root type the following command:
echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_all

then try pinging again from windows, does it work or fail?

 
Old 08-06-2003, 01:46 AM   #8
anjan_bhushan
LQ Newbie
 
Registered: Jul 2003
Distribution: Suse, Mandrake, Redhat, Knoppix ,Solaris, Debian,Vector
Posts: 16

Rep: Reputation: 0
A very dumb question was you able to ping locally on linux
ping 192.168.0.2
 
Old 08-06-2003, 03:15 AM   #9
zero_copy
Member
 
Registered: Aug 2003
Location: CT
Distribution: Slackware
Posts: 45

Rep: Reputation: 15
what version of XP do u run? your up sh*ts creek if you have HOME. at least thats how it played out for me about a year ago... PRO works fine but HOME wont even recognize a ping....youll find that when windows tries to ping linux, if you run a tcpdump, youll see the linux box send and ACK back but windows says it doesnt get it.....so if you have HOME edition im betting thats the problem.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Unable to ping my Linux box on windows network rajjay Linux - Networking 1 04-07-2009 11:16 AM
Cant Ping my Linux Box from Windows eroica Linux - Networking 10 11-17-2004 06:26 PM
Unable to ping Linux box from Windows westone Linux - Networking 5 07-14-2004 04:41 PM
can't ping linux box from windows - sorry, another one! stretchcomfort Linux - Networking 6 08-18-2003 05:24 PM
Unable to ping my Linux box on windows network rajjay Linux - Networking 18 07-28-2003 05:14 AM


All times are GMT -5. The time now is 01:51 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration