Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Because of my job, I use my laptop (Mandriva 2007) on several different networks (7, to be precise, including my own at home). With no exception, there're all adsl modem/router. Because of this, my computer is configured to get its network/internet settings automatically through DHCP from each modem/server.
Until now, I had no problem, but coming back after one month to one of the school I work, I found out their network configuration had been modified (new ISP, I believe), and I now can't properly access the internet there.
To be more precise, my computer gets access to the local network (can see/access other computers on it). I can ping wherever I wish, be it from IP addresses or site names (google, yahoo...). But, if I try to properly access the internet through whatever application (browsers including lynx, mailer, news, lastfm, telnet, bittorrent, you name it...) I can access nothing - though the name resolution process properly. It just doesn't load anything. Just to make sure, I also tried disabling IPV6 in firefox, but no cookie.
Checking on another computer that works properly, gateway and DNS server seem properly set up.
Once again, on another network the day before and my own in the evening, there's no problem.
Of course, all the schools' networks are populated with windows box only, and the other people there are of no help, both because of their lack of skill and the language barrier.
Thanks for answering - yes 'a little strange' seems completely appropriate .
Anyway, here the output from 'iptables -nvL':
Chain INPUT (policy ACCEPT 18 packets, 2158 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 17 packets, 1219 bytes)
pkts bytes target prot opt in out source destination
======
And from tcpdump, exact command, term and file output while trying to browse first google and then slashdot:
Command :
tcpdump -nn > TCPDump.txt
Output in term:
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
291 packets captured
582 packets received by filter
0 packets dropped by kernel
TCPDump.txt:
09:01:37.430126 IP 192.168.0.113.631 > 192.168.0.255.631: UDP, length 183
09:01:37.481488 IP 192.168.0.104.1140 > 192.168.0.113.445: P 3318215103:3318215142(39) ack 1551880277 win 65133
09:01:37.481855 IP 192.168.0.113.445 > 192.168.0.104.1140: P 1:40(39) ack 39 win 10720
09:01:37.482091 IP 192.168.0.104.1140 > 192.168.0.113.445: P 39:82(43) ack 40 win 65094
09:01:37.482495 IP 192.168.0.113.445 > 192.168.0.104.1140: P 40:83(43) ack 82 win 10720
09:01:37.482698 IP 192.168.0.104.1140 > 192.168.0.113.445: P 82:121(39) ack 83 win 65051
09:01:37.482844 IP 192.168.0.113.445 > 192.168.0.104.1140: P 83:122(39) ack 121 win 10720
09:01:37.483134 IP 192.168.0.104.1140 > 192.168.0.113.445: F 121:121(0) ack 122 win 65012
09:01:37.484909 IP 192.168.0.113.445 > 192.168.0.104.1140: F 122:122(0) ack 122 win 10720
09:01:37.485065 IP 192.168.0.104.1140 > 192.168.0.113.445: . ack 123 win 65012
09:01:40.814022 IP 192.168.0.113.45333 > 85.17.7.135.3210: S 1546616727:1546616727(0) win 5840 <mss 1460,sackOK,timestamp 424555 0,nop,wscale 7>
09:01:41.349368 arp who-has 192.168.0.70 tell 192.168.0.104
09:01:42.904422 IP 192.168.0.113.46048 > 64.233.167.99.80: S 1557175616:1557175616(0) win 5840 <mss 1460,sackOK,timestamp 425077 0,nop,wscale 7>
09:01:43.214109 IP 192.168.0.113.60812 > 64.34.174.166.1635: S 1529783563:1529783563(0) win 5840 <mss 1460,sackOK,timestamp 425155 0,nop,wscale 7>
09:01:45.902185 IP 192.168.0.113.46048 > 64.233.167.99.80: S 1557175616:1557175616(0) win 5840 <mss 1460,sackOK,timestamp 425827 0,nop,wscale 7>
09:01:47.616186 IP 192.168.0.113.53560 > 66.90.73.253.8899: S 1567456975:1567456975(0) win 5840 <mss 1460,sackOK,timestamp 426255 0,nop,wscale 7>
09:01:50.614348 IP 192.168.0.113.53560 > 66.90.73.253.8899: S 1567456975:1567456975(0) win 5840 <mss 1460,sackOK,timestamp 427005 0,nop,wscale 7>
09:01:51.906456 IP 192.168.0.113.46048 > 64.233.167.99.80: S 1557175616:1557175616(0) win 5840 <mss 1460,sackOK,timestamp 427328 0,nop,wscale 7>
09:01:52.814421 IP 192.168.0.113.45333 > 85.17.7.135.3210: S 1546616727:1546616727(0) win 5840 <mss 1460,sackOK,timestamp 427555 0,nop,wscale 7>
09:01:54.310458 arp who-has 192.168.0.1 tell 192.168.0.113
09:01:54.312092 arp reply 192.168.0.1 is-at 00:0a:79:93:5f:c3
09:01:56.614555 IP 192.168.0.113.53560 > 66.90.73.253.8899: S 1567456975:1567456975(0) win 5840 <mss 1460,sackOK,timestamp 428505 0,nop,wscale 7>
09:01:57.216262 IP 192.168.0.113.58557 > 213.251.161.69.4661: S 1573566687:1573566687(0) win 5840 <mss 1460,sackOK,timestamp 428655 0,nop,wscale 7>
09:01:58.382996 IP 192.168.0.113.32771 > 192.168.0.1.53: 28459+ A? slashdot.org. (30)
09:01:58.386330 IP 192.168.0.1.53 > 192.168.0.113.32771: 28459 1/5/5 A 66.35.250.150 (235)
09:01:58.386862 IP 192.168.0.113.52886 > 66.35.250.150.80: S 1576941090:1576941090(0) win 5840 <mss 1460,sackOK,timestamp 428948 0,nop,wscale 7>
09:01:59.207282 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:01:59.211127 arp who-has 192.168.0.108 tell 192.168.0.90
09:01:59.408258 IP 192.168.0.108.138 > 192.168.0.255.138: NBT UDP PACKET(138)
09:01:59.408423 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:01:59.410630 arp who-has 192.168.0.108 tell 192.168.0.113
09:01:59.410761 arp reply 192.168.0.108 is-at 00:e0:00:3c:66:95
09:01:59.410774 IP 192.168.0.113.138 > 192.168.0.108.138: NBT UDP PACKET(138)
09:02:00.157099 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:00.214668 IP 192.168.0.113.58557 > 213.251.161.69.4661: S 1573566687:1573566687(0) win 5840 <mss 1460,sackOK,timestamp 429405 0,nop,wscale 7>
09:02:00.908220 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:01.386700 IP 192.168.0.113.52886 > 66.35.250.150.80: S 1576941090:1576941090(0) win 5840 <mss 1460,sackOK,timestamp 429698 0,nop,wscale 7>
09:02:01.684838 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:01.685026 IP 192.168.0.113.137 > 192.168.0.108.137: NBT UDP PACKET(137): QUERY; POSITIVE; RESPONSE; UNICAST
09:02:01.685280 IP 192.168.0.108.1112 > 192.168.0.113.139: S 1657019969:1657019969(0) win 65535 <mss 1460,nop,nop,sackOK>
09:02:01.685320 IP 192.168.0.113.139 > 192.168.0.108.1112: S 1568903161:1568903161(0) ack 1657019970 win 5840 <mss 1460,nop,nop,sackOK>
09:02:01.685505 IP 192.168.0.108.1112 > 192.168.0.113.139: P 1:73(72) ack 1 win 65535 NBT Session Packet: Session Request
09:02:01.685545 IP 192.168.0.113.139 > 192.168.0.108.1112: . ack 73 win 5840
09:02:01.690519 IP 192.168.0.113.139 > 192.168.0.108.1112: P 1:5(4) ack 73 win 5840 NBT Session Packet: Session Granted
09:02:01.690958 IP 192.168.0.108.1112 > 192.168.0.113.139: P 73:210(137) ack 5 win 65531 NBT Session Packet: Session Message
09:02:01.691865 IP 192.168.0.113.139 > 192.168.0.108.1112: P 5:136(131) ack 210 win 6432 NBT Session Packet: Session Message
09:02:01.732837 IP 192.168.0.108.1112 > 192.168.0.113.139: P 210:450(240) ack 136 win 65400 NBT Session Packet: Session Message
09:02:01.734075 IP 192.168.0.113.139 > 192.168.0.108.1112: P 136:392(256) ack 450 win 7504 NBT Session Packet: Session Message
09:02:01.734762 IP 192.168.0.108.1112 > 192.168.0.113.139: P 450:732(282) ack 392 win 65144 NBT Session Packet: Session Message
09:02:01.735781 IP 192.168.0.113.139 > 192.168.0.108.1112: P 392:504(112) ack 732 win 8576 NBT Session Packet: Session Message
09:02:01.756470 IP 192.168.0.108.1112 > 192.168.0.113.139: P 732:816(84) ack 504 win 65032 NBT Session Packet: Session Message
09:02:01.757160 IP 192.168.0.113.139 > 192.168.0.108.1112: P 504:556(52) ack 816 win 8576 NBT Session Packet: Session Message
09:02:01.757851 IP 192.168.0.108.1112 > 192.168.0.113.139: P 816:947(131) ack 556 win 64980 NBT Session Packet: Session Message
09:02:01.758250 IP 192.168.0.113.139 > 192.168.0.108.1112: P 556:671(115) ack 947 win 9648 NBT Session Packet: Session Message
09:02:01.758660 IP 192.168.0.108.1112 > 192.168.0.113.139: P 947:990(43) ack 671 win 64865 NBT Session Packet: Session Message
09:02:01.758891 IP 192.168.0.113.139 > 192.168.0.108.1112: P 671:714(43) ack 990 win 9648 NBT Session Packet: Session Message
09:02:01.759125 IP 192.168.0.108.1112 > 192.168.0.113.139: P 990:1029(39) ack 714 win 64822 NBT Session Packet: Session Message
09:02:01.759278 IP 192.168.0.113.139 > 192.168.0.108.1112: P 714:753(39) ack 1029 win 9648 NBT Session Packet: Session Message
09:02:01.760562 IP 192.168.0.108.1112 > 192.168.0.113.139: F 1029:1029(0) ack 753 win 64783
09:02:01.762328 IP 192.168.0.113.139 > 192.168.0.108.1112: F 753:753(0) ack 1030 win 9648
09:02:01.762522 IP 192.168.0.108.1112 > 192.168.0.113.139: . ack 754 win 64783
09:02:01.824394 IP 192.168.0.108.1114 > 192.168.0.113.139: S 3960164945:3960164945(0) win 65535 <mss 1460,nop,nop,sackOK>
09:02:01.824440 IP 192.168.0.113.139 > 192.168.0.108.1114: S 1574697157:1574697157(0) ack 3960164946 win 5840 <mss 1460,nop,nop,sackOK>
09:02:01.824639 IP 192.168.0.108.1114 > 192.168.0.113.139: P 1:73(72) ack 1 win 65535 NBT Session Packet: Session Request
09:02:01.824676 IP 192.168.0.113.139 > 192.168.0.108.1114: . ack 73 win 5840
09:02:01.827437 IP 192.168.0.113.139 > 192.168.0.108.1114: P 1:5(4) ack 73 win 5840 NBT Session Packet: Session Granted
09:02:01.870721 IP 192.168.0.108.1114 > 192.168.0.113.139: P 73:210(137) ack 5 win 65531 NBT Session Packet: Session Message
09:02:01.871399 IP 192.168.0.113.139 > 192.168.0.108.1114: P 5:136(131) ack 210 win 6432 NBT Session Packet: Session Message
09:02:01.872451 IP 192.168.0.108.1114 > 192.168.0.113.139: P 210:450(240) ack 136 win 65400 NBT Session Packet: Session Message
09:02:01.873560 IP 192.168.0.113.139 > 192.168.0.108.1114: P 136:392(256) ack 450 win 7504 NBT Session Packet: Session Message
09:02:01.912282 IP 192.168.0.108.1114 > 192.168.0.113.139: P 450:810(360) ack 392 win 65144 NBT Session Packet: Session Message
09:02:01.913092 IP 192.168.0.113.139 > 192.168.0.108.1114: P 392:504(112) ack 810 win 8576 NBT Session Packet: Session Message
09:02:01.913856 IP 192.168.0.108.1114 > 192.168.0.113.139: P 810:894(84) ack 504 win 65032 NBT Session Packet: Session Message
09:02:01.914662 IP 192.168.0.113.139 > 192.168.0.108.1114: P 504:556(52) ack 894 win 8576 NBT Session Packet: Session Message
09:02:01.988613 IP 192.168.0.108.1114 > 192.168.0.113.139: P 894:998(104) ack 556 win 64980 NBT Session Packet: Session Message
09:02:01.989068 IP 192.168.0.113.139 > 192.168.0.108.1114: P 556:663(107) ack 998 win 8576 NBT Session Packet: Session Message
09:02:02.038884 IP 192.168.0.108.1114 > 192.168.0.113.139: P 998:1138(140) ack 663 win 64873 NBT Session Packet: Session Message
09:02:02.039186 IP 192.168.0.113.139 > 192.168.0.108.1114: P 663:714(51) ack 1138 win 9648 NBT Session Packet: Session Message
09:02:02.040012 IP 192.168.0.108.1114 > 192.168.0.113.139: P 1138:1201(63) ack 714 win 64822 NBT Session Packet: Session Message
09:02:02.040079 IP 192.168.0.113.139 > 192.168.0.108.1114: P 714:845(131) ack 1201 win 9648 NBT Session Packet: Session Message
09:02:02.041334 IP 192.168.0.108.1114 > 192.168.0.113.139: P 1201:1377(176) ack 845 win 64691 NBT Session Packet: Session Message
09:02:02.041701 IP 192.168.0.113.139 > 192.168.0.108.1114: P 845:1521(676) ack 1377 win 10720 NBT Session Packet: Session Message
09:02:02.042279 IP 192.168.0.108.1114 > 192.168.0.113.139: P 1377:1422(45) ack 1521 win 65535 NBT Session Packet: Session Message
09:02:02.042356 IP 192.168.0.113.139 > 192.168.0.108.1114: P 1521:1560(39) ack 1422 win 10720 NBT Session Packet: Session Message
09:02:02.054015 arp who-has 192.168.0.1 tell 192.168.0.108
09:02:02.090983 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:02.116302 IP 192.168.0.108 > 192.168.0.113: ICMP echo request, id 512, seq 256, length 40
09:02:02.116349 IP 192.168.0.113 > 192.168.0.108: ICMP echo reply, id 512, seq 256, length 40
09:02:02.149947 IP 192.168.0.108.1114 > 192.168.0.113.139: . ack 1560 win 65496
09:02:02.176264 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:02.841064 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:02.921179 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:03.376683 arp who-has 192.168.0.113 tell 192.168.0.1
09:02:03.376709 arp reply 192.168.0.113 is-at 00:0f:b0:0f:6b:bf
09:02:03.592124 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:03.672228 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:04.424254 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:05.174417 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:05.925523 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:06.214866 IP 192.168.0.113.58557 > 213.251.161.69.4661: S 1573566687:1573566687(0) win 5840 <mss 1460,sackOK,timestamp 430905 0,nop,wscale 7>
09:02:06.724172 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:06.724637 arp who-has 192.168.0.108 tell 192.168.0.102
09:02:06.732981 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:06.819142 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:07.386901 IP 192.168.0.113.52886 > 66.35.250.150.80: S 1576941090:1576941090(0) win 5840 <mss 1460,sackOK,timestamp 431198 0,nop,wscale 7>
09:02:07.567912 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:08.319005 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:08.431168 IP 192.168.0.113.631 > 192.168.0.255.631: UDP, length 183
09:02:08.614946 IP 192.168.0.113.53560 > 66.90.73.253.8899: S 1567456975:1567456975(0) win 5840 <mss 1460,sackOK,timestamp 431505 0,nop,wscale 7>
09:02:11.882548 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:12.625277 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:12.845606 IP 192.168.0.108.1114 > 192.168.0.113.139: P 1422:1465(43) ack 1560 win 65496 NBT Session Packet: Session Message
09:02:12.845831 IP 192.168.0.113.139 > 192.168.0.108.1114: P 1560:1603(43) ack 1465 win 10720 NBT Session Packet: Session Message
09:02:12.846070 IP 192.168.0.108.1114 > 192.168.0.113.139: P 1465:1504(39) ack 1603 win 65453 NBT Session Packet: Session Message
09:02:12.846244 IP 192.168.0.113.139 > 192.168.0.108.1114: P 1603:1642(39) ack 1504 win 10720 NBT Session Packet: Session Message
09:02:12.846592 IP 192.168.0.108.1114 > 192.168.0.113.139: F 1504:1504(0) ack 1642 win 65414
09:02:12.848431 IP 192.168.0.113.139 > 192.168.0.108.1114: F 1642:1642(0) ack 1505 win 10720
09:02:12.848610 IP 192.168.0.108.1114 > 192.168.0.113.139: . ack 1643 win 65414
09:02:13.117233 IP 192.168.0.113.45681 > 88.191.28.178.4232: S 1595015881:1595015881(0) win 5840 <mss 1460,sackOK,timestamp 432630 0,nop,wscale 7>
09:02:13.282570 IPX 00000000.00:e0:00:8a:c7:98.4008 > 00000000.ff:ff:ff:ff:ff:ff.0452: ipx-sap-resp 0640 'FM-ARASINA[|ipx 64]
09:02:13.383165 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:14.132971 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:14.878554 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:15.629656 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:16.115200 IP 192.168.0.113.45681 > 88.191.28.178.4232: S 1595015881:1595015881(0) win 5840 <mss 1460,sackOK,timestamp 433380 0,nop,wscale 7>
09:02:16.389329 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:16.456778 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:16.460294 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:17.201947 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:17.202057 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:17.953043 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:17.953156 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:18.215268 IP 192.168.0.113.58557 > 213.251.161.69.4661: S 1573566687:1573566687(0) win 5840 <mss 1460,sackOK,timestamp 433905 0,nop,wscale 7>
Yes, i can see the name resolutions being done & packets being generated for google & slashdot, but somehow i saw 20+ packets being generated for many different sites for port different from 80 & 443. You better inspect at this issue, as this could possibily a security breach, some worm or something else.
Apart from that, i am really curious to see icmp packets communication log for any internet site as well as you earlier said they are being done in OKAY manner. Can you please dump the packet logs while you ping few websites; as you said ping is working. While the same time, do repost with the output of "ip rou ls".
Thanks for the answer (and the analysis).
Unfortunately (or fortunately ?), last Friday was the last day of the month I had at this specific school. I won't go back there before the end of January. I'll have to wait until then to do the tests.
While I'm at it, and to save some time, is there any other test you think may be of interest to do?
Well, back at school. Another one but the same problem. The f*#$! is being (has been?) deployed over all the town's school networks.
I'm getting to wonder whether the problem doesn't come from a weird server's firewall configuration: after installing firefox (either 2.0.0.1 or 1.5.0.9 with ipv6 disabled) on a windows box that does work, I had the 'nice' surprise to see it couldn't access the internet either. Let me stress that there's no problem through IE.
Anyway, since it's another school, I did everything all over again.
So here is the result of the 'iptable -nvL' command:
Code:
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
6 460 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 eth2_in all -- eth2 * 0.0.0.0/0 0.0.0.0/0
0 0 eth1_in all -- eth1 * 0.0.0.0/0 0.0.0.0/0
392 54065 eth0_in all -- eth0 * 0.0.0.0/0 0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:INPUT:REJECT:'
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 eth2_fwd all -- eth2 * 0.0.0.0/0 0.0.0.0/0
0 0 eth1_fwd all -- eth1 * 0.0.0.0/0 0.0.0.0/0
0 0 eth0_fwd all -- eth0 * 0.0.0.0/0 0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:FORWARD:REJECT:'
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
6 460 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
0 0 fw2net all -- * eth2 0.0.0.0/0 0.0.0.0/0 policy match dir out pol none
0 0 fw2net all -- * eth1 0.0.0.0/0 0.0.0.0/0 policy match dir out pol none
907 72803 fw2net all -- * eth0 0.0.0.0/0 0.0.0.0/0 policy match dir out pol none
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:OUTPUT:REJECT:'
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
Chain Drop (1 references)
pkts bytes target prot opt in out source destination
0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:113
16 1256 dropBcast all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 4
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 11
16 1256 dropInvalid all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 135,445
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:137:139
12 1080 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:137 dpts:1024:65535
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 135,139,445
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1900
0 0 dropNotSyn tcp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:53
Chain Reject (4 references)
pkts bytes target prot opt in out source destination
0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:113
0 0 dropBcast all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 4
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 11
0 0 dropInvalid all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 135,445
0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:137:139
0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:137 dpts:1024:65535
0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 135,139,445
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1900
0 0 dropNotSyn tcp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:53
Chain all2all (0 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:all2all:REJECT:'
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
Chain dropBcast (2 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = broadcast
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = multicast
Chain dropInvalid (2 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID
Chain dropNotSyn (2 references)
pkts bytes target prot opt in out source destination
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02
Chain dynamic (6 references)
pkts bytes target prot opt in out source destination
Chain eth0_fwd (1 references)
pkts bytes target prot opt in out source destination
0 0 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW
0 0 ACCEPT all -- * eth2 0.0.0.0/0 0.0.0.0/0 policy match dir out pol none
0 0 ACCEPT all -- * eth1 0.0.0.0/0 0.0.0.0/0 policy match dir out pol none
Chain eth0_in (1 references)
pkts bytes target prot opt in out source destination
264 38109 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW
392 54065 net2fw all -- * * 0.0.0.0/0 0.0.0.0/0 policy match dir in pol none
Chain eth1_fwd (1 references)
pkts bytes target prot opt in out source destination
0 0 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW
0 0 ACCEPT all -- * eth2 0.0.0.0/0 0.0.0.0/0 policy match dir out pol none
0 0 ACCEPT all -- * eth0 0.0.0.0/0 0.0.0.0/0 policy match dir out pol none
Chain eth1_in (1 references)
pkts bytes target prot opt in out source destination
0 0 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW
0 0 net2fw all -- * * 0.0.0.0/0 0.0.0.0/0 policy match dir in pol none
Chain eth2_fwd (1 references)
pkts bytes target prot opt in out source destination
0 0 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW
0 0 ACCEPT all -- * eth1 0.0.0.0/0 0.0.0.0/0 policy match dir out pol none
0 0 ACCEPT all -- * eth0 0.0.0.0/0 0.0.0.0/0 policy match dir out pol none
Chain eth2_in (1 references)
pkts bytes target prot opt in out source destination
0 0 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW
0 0 net2fw all -- * * 0.0.0.0/0 0.0.0.0/0 policy match dir in pol none
Chain fw2net (3 references)
pkts bytes target prot opt in out source destination
88 7933 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
819 64870 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain logdrop (0 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:logdrop:DROP:'
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain logreject (0 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:logreject:REJECT:'
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
Chain net2all (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
16 1256 Drop all -- * * 0.0.0.0/0 0.0.0.0/0
4 176 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:net2all:DROP:'
4 176 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain net2fw (3 references)
pkts bytes target prot opt in out source destination
128 15956 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
247 36805 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 137,138,139,445,1024:1100,631
1 48 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 137,138,139,445,1024:1100,631,6881:6999
16 1256 net2all all -- * * 0.0.0.0/0 0.0.0.0/0
Chain reject (11 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 255.255.255.255 0.0.0.0/0
0 0 DROP all -- * * 224.0.0.0/4 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = broadcast
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = multicast
0 0 DROP all -- * * 255.255.255.255 0.0.0.0/0
0 0 DROP all -- * * 224.0.0.0/4 0.0.0.0/0
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
0 0 REJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-unreachable
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain shorewall (0 references)
pkts bytes target prot opt in out source destination
Chain smurfs (0 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 192.168.0.255 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:'
0 0 DROP all -- * * 192.168.0.255 0.0.0.0/0
0 0 LOG all -- * * 255.255.255.255 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:'
0 0 DROP all -- * * 255.255.255.255 0.0.0.0/0
0 0 LOG all -- * * 224.0.0.0/4 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:'
0 0 DROP all -- * * 224.0.0.0/4 0.0.0.0/0
Here is 'tcpdump -nn', where I tried browsing google, gmail, yahoo and slashdot.
The terminal output :
Code:
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
61 packets captured
122 packets received by filter
0 packets dropped by kernel
and the result itself:
Code:
10:09:06.033388 IP 192.168.0.105.32773 > 192.168.0.1.53: 49925+ A? www.google.com. (32)
10:09:06.033712 IP 192.168.0.1.53 > 192.168.0.105.32773: 49925 3/7/7 CNAME www.l.google.com.,[|domain]
10:09:06.033736 IP 192.168.0.105.44479 > 66.249.89.104.80: S 955303653:955303653(0) win 5840 <mss 1460,sackOK,timestamp 523683 0,nop,wscale 7>
10:09:09.029369 IP 192.168.0.105.44479 > 66.249.89.104.80: S 955303653:955303653(0) win 5840 <mss 1460,sackOK,timestamp 524433 0,nop,wscale 7>
10:09:11.024952 arp who-has 192.168.0.105 tell 192.168.0.1
10:09:11.024979 arp reply 192.168.0.105 is-at 00:0f:b0:0f:6b:bf
10:09:13.473508 IP 192.168.0.105.60508 > 64.34.178.57.7190: S 940968012:940968012(0) win 5840 <mss 1460,sackOK,timestamp 525544 0,nop,wscale 7>
10:09:14.561553 IP 192.168.0.105.40432 > 66.172.60.133.4661: S 948632301:948632301(0) win 5840 <mss 1460,sackOK,timestamp 525816 0,nop,wscale 7>
10:09:17.469709 IP 192.168.0.104.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
10:09:17.475947 arp who-has 192.168.0.52 tell 192.168.0.104
10:09:17.480526 arp who-has 192.168.0.1 tell 192.168.0.104
10:09:17.521320 IP 192.168.0.104.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
10:09:18.063488 IP 192.168.0.105.45725 > 62.241.53.4.4242: S 962742521:962742521(0) win 5840 <mss 1460,sackOK,timestamp 526691 0,nop,wscale 7>
10:09:19.062604 IP 192.168.0.105.58067 > 72.51.37.107.9123: S 988075231:988075231(0) win 5840 <mss 1460,sackOK,timestamp 526941 0,nop,wscale 7>
10:09:20.895414 IP 192.168.0.105.32773 > 192.168.0.1.53: 13014+ A? www.gmail.com. (31)
10:09:20.898958 IP 192.168.0.1.53 > 192.168.0.105.32773: 13014 5/7/7 CNAME[|domain]
10:09:20.906234 IP 192.168.0.105.45644 > 209.85.139.18.80: S 982540781:982540781(0) win 5840 <mss 1460,sackOK,timestamp 527402 0,nop,wscale 7>
10:09:21.061811 IP 192.168.0.105.45725 > 62.241.53.4.4242: S 962742521:962742521(0) win 5840 <mss 1460,sackOK,timestamp 527441 0,nop,wscale 7>
10:09:22.061852 IP 192.168.0.105.58067 > 72.51.37.107.9123: S 988075231:988075231(0) win 5840 <mss 1460,sackOK,timestamp 527691 0,nop,wscale 7>
10:09:23.061868 arp who-has 192.168.0.1 tell 192.168.0.105
10:09:23.063502 arp reply 192.168.0.1 is-at 00:0a:79:93:4c:1f
10:09:23.634244 IP 192.168.0.105.631 > 192.168.0.255.631: UDP, length 183
10:09:23.905925 IP 192.168.0.105.45644 > 209.85.139.18.80: S 982540781:982540781(0) win 5840 <mss 1460,sackOK,timestamp 528152 0,nop,wscale 7>
10:09:27.062056 IP 192.168.0.105.45725 > 62.241.53.4.4242: S 962742521:962742521(0) win 5840 <mss 1460,sackOK,timestamp 528941 0,nop,wscale 7>
10:09:27.305280 arp who-has 192.168.0.104 tell 192.168.0.100
10:09:28.062092 IP 192.168.0.105.58067 > 72.51.37.107.9123: S 988075231:988075231(0) win 5840 <mss 1460,sackOK,timestamp 529191 0,nop,wscale 7>
10:09:29.906170 IP 192.168.0.105.45644 > 209.85.139.18.80: S 982540781:982540781(0) win 5840 <mss 1460,sackOK,timestamp 529652 0,nop,wscale 7>
10:09:33.521381 IP 192.168.0.106.138 > 192.168.0.255.138: NBT UDP PACKET(138)
10:09:37.035160 IP 192.168.0.105.32773 > 192.168.0.1.53: 7223+ A? www.yahoo.com. (31)
10:09:37.038558 IP 192.168.0.1.53 > 192.168.0.105.32773: 7223 2/8/8 CNAME[|domain]
10:09:37.039912 IP 192.168.0.105.34614 > 209.131.36.158.80: S 994232550:994232550(0) win 5840 <mss 1460,sackOK,timestamp 531435 0,nop,wscale 7>
10:09:39.062532 IP 192.168.0.105.45725 > 62.241.53.4.4242: S 962742521:962742521(0) win 5840 <mss 1460,sackOK,timestamp 531941 0,nop,wscale 7>
10:09:40.038569 IP 192.168.0.105.34614 > 209.131.36.158.80: S 994232550:994232550(0) win 5840 <mss 1460,sackOK,timestamp 532185 0,nop,wscale 7>
10:09:40.062570 IP 192.168.0.105.58067 > 72.51.37.107.9123: S 988075231:988075231(0) win 5840 <mss 1460,sackOK,timestamp 532191 0,nop,wscale 7>
10:09:43.764653 IP 192.168.0.105.54763 > 72.51.38.139.8699: S 1015594724:1015594724(0) win 5840 <mss 1460,sackOK,timestamp 533116 0,nop,wscale 7>
10:09:44.763678 IP 192.168.0.105.40606 > 72.51.38.141.9990: S 1013285997:1013285997(0) win 5840 <mss 1460,sackOK,timestamp 533366 0,nop,wscale 7>
10:09:45.576922 arp who-has 192.168.0.16 tell 192.168.0.100
10:09:45.617190 arp who-has 192.168.0.105 tell 192.168.0.100
10:09:45.617228 arp reply 192.168.0.105 is-at 00:0f:b0:0f:6b:bf
10:09:45.618001 IP 192.168.0.100.1723 > 192.168.0.105.139: P 3139137315:3139137319(4) ack 786785374 win 16487: pptp [|pptp]
10:09:45.654807 IP 192.168.0.105.139 > 192.168.0.100.1723: . ack 4 win 10720
10:09:46.038806 IP 192.168.0.105.34614 > 209.131.36.158.80: S 994232550:994232550(0) win 5840 <mss 1460,sackOK,timestamp 533685 0,nop,wscale 7>
10:09:46.762841 IP 192.168.0.105.54763 > 72.51.38.139.8699: S 1015594724:1015594724(0) win 5840 <mss 1460,sackOK,timestamp 533866 0,nop,wscale 7>
10:09:47.762893 IP 192.168.0.105.40606 > 72.51.38.141.9990: S 1013285997:1013285997(0) win 5840 <mss 1460,sackOK,timestamp 534116 0,nop,wscale 7>
10:09:50.654958 arp who-has 192.168.0.100 tell 192.168.0.105
10:09:50.655246 arp reply 192.168.0.100 is-at 00:00:4c:6e:6f:fb
10:09:52.675039 arp who-has 192.168.0.1 tell 192.168.0.105
10:09:52.676675 arp reply 192.168.0.1 is-at 00:0a:79:93:4c:1f
10:09:52.763074 IP 192.168.0.105.54763 > 72.51.38.139.8699: S 1015594724:1015594724(0) win 5840 <mss 1460,sackOK,timestamp 535366 0,nop,wscale 7>
10:09:53.120004 IP 192.168.0.105.56613 > 66.35.250.151.80: S 1024552314:1024552314(0) win 5840 <mss 1460,sackOK,timestamp 535455 0,nop,wscale 7>
10:09:53.763113 IP 192.168.0.105.40606 > 72.51.38.141.9990: S 1013285997:1013285997(0) win 5840 <mss 1460,sackOK,timestamp 535616 0,nop,wscale 7>
10:09:53.843191 IP 192.168.0.105.123 > 204.9.55.254.123: NTPv4, Client, length 48
10:09:53.870528 IP 204.9.55.254.123 > 192.168.0.105.123: NTPv4, Server, length 48
10:09:54.639257 IP 192.168.0.105.631 > 192.168.0.255.631: UDP, length 183
10:09:56.119208 IP 192.168.0.105.56613 > 66.35.250.151.80: S 1024552314:1024552314(0) win 5840 <mss 1460,sackOK,timestamp 536205 0,nop,wscale 7>
10:10:02.119449 IP 192.168.0.105.56613 > 66.35.250.151.80: S 1024552314:1024552314(0) win 5840 <mss 1460,sackOK,timestamp 537705 0,nop,wscale 7>
10:10:04.763554 IP 192.168.0.105.54763 > 72.51.38.139.8699: S 1015594724:1015594724(0) win 5840 <mss 1460,sackOK,timestamp 538366 0,nop,wscale 7>
10:10:05.763593 IP 192.168.0.105.40606 > 72.51.38.141.9990: S 1013285997:1013285997(0) win 5840 <mss 1460,sackOK,timestamp 538616 0,nop,wscale 7>
10:10:08.962183 IP 192.168.0.105.44208 > 72.51.37.237.8899: S 1037576693:1037576693(0) win 5840 <mss 1460,sackOK,timestamp 539415 0,nop,wscale 7>
10:10:10.084089 IP 192.168.0.105.56037 > 72.51.38.142.7822: S 1025483855:1025483855(0) win 5840 <mss 1460,sackOK,timestamp 539696 0,nop,wscale 7>
10:10:11.959848 IP 192.168.0.105.44208 > 72.51.37.237.8899: S 1037576693:1037576693(0) win 5840 <mss 1460,sackOK,timestamp 540165 0,nop,wscale 7>
For the 'ip rou ls' command, I get this:
Code:
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.105 metric 10
169.254.0.0/16 dev eth0 scope link metric 10
127.0.0.0/8 dev lo scope link
default via 192.168.0.1 dev eth0 metric 10
As for the ping and subsequent tcpdump:
First, the pings and results:
Code:
ping www.google.com
PING www.l.google.com (66.249.89.104) 56(84) bytes of data.
64 bytes from 66.249.89.104: icmp_seq=1 ttl=239 time=27.4 ms
64 bytes from 66.249.89.104: icmp_seq=2 ttl=239 time=26.6 ms
64 bytes from 66.249.89.104: icmp_seq=3 ttl=239 time=27.9 ms
64 bytes from 66.249.89.104: icmp_seq=4 ttl=239 time=26.0 ms
64 bytes from 66.249.89.104: icmp_seq=5 ttl=239 time=26.3 ms
64 bytes from 66.249.89.104: icmp_seq=6 ttl=239 time=26.4 ms
--- www.l.google.com ping statistics ---
6 packets transmitted, 6 received, 0% packet loss, time 5002ms
rtt min/avg/max/mdev = 26.030/26.819/27.987/0.684 ms
Code:
ping www.gmail.com
PING googlemail.l.google.com (209.85.139.18) 56(84) bytes of data.
64 bytes from pr-in-f18.google.com (209.85.139.18): icmp_seq=1 ttl=235 time=187 ms
64 bytes from pr-in-f18.google.com (209.85.139.18): icmp_seq=2 ttl=235 time=187 ms
64 bytes from pr-in-f18.google.com (209.85.139.18): icmp_seq=3 ttl=235 time=188 ms
64 bytes from pr-in-f18.google.com (209.85.139.18): icmp_seq=4 ttl=235 time=188 ms
64 bytes from pr-in-f18.google.com (209.85.139.18): icmp_seq=5 ttl=235 time=187 ms
64 bytes from pr-in-f18.google.com (209.85.139.18): icmp_seq=6 ttl=235 time=187 ms
64 bytes from pr-in-f18.google.com (209.85.139.18): icmp_seq=7 ttl=235 time=188 ms
--- googlemail.l.google.com ping statistics ---
7 packets transmitted, 7 received, 0% packet loss, time 6005ms
rtt min/avg/max/mdev = 187.022/187.915/188.711/0.563 ms
Code:
ping www.yahoo.com
PING www.yahoo-ht2.akadns.net (209.131.36.158) 56(84) bytes of data.
64 bytes from f1.www.vip.sp1.yahoo.com (209.131.36.158): icmp_seq=1 ttl=46 time= 136 ms
64 bytes from f1.www.vip.sp1.yahoo.com (209.131.36.158): icmp_seq=2 ttl=46 time= 136 ms
64 bytes from f1.www.vip.sp1.yahoo.com (209.131.36.158): icmp_seq=3 ttl=46 time= 137 ms
64 bytes from f1.www.vip.sp1.yahoo.com (209.131.36.158): icmp_seq=4 ttl=46 time= 137 ms
64 bytes from f1.www.vip.sp1.yahoo.com (209.131.36.158): icmp_seq=5 ttl=46 time= 136 ms
64 bytes from f1.www.vip.sp1.yahoo.com (209.131.36.158): icmp_seq=6 ttl=47 time= 134 ms
64 bytes from f1.www.vip.sp1.yahoo.com (209.131.36.158): icmp_seq=7 ttl=46 time= 138 ms
64 bytes from f1.www.vip.sp1.yahoo.com (209.131.36.158): icmp_seq=8 ttl=46 time= 135 ms
64 bytes from f1.www.vip.sp1.yahoo.com (209.131.36.158): icmp_seq=9 ttl=46 time= 135 ms
--- www.yahoo-ht2.akadns.net ping statistics ---
9 packets transmitted, 9 received, 0% packet loss, time 7999ms
rtt min/avg/max/mdev = 134.797/136.585/138.525/1.071 ms
And here is the relevant 'tcpdump -nn'
Code:
10:12:24.553176 IP 192.168.0.105 > 66.249.89.104: ICMP echo request, id 6940, seq 2, length 64
10:12:24.579771 IP 66.249.89.104 > 192.168.0.105: ICMP echo reply, id 6940, seq 2, length 64
10:12:24.580073 IP 192.168.0.105.32773 > 192.168.0.1.53: 30797+ PTR? 104.89.249.66.in-addr.arpa. (44)
10:12:24.583554 IP 192.168.0.1.53 > 192.168.0.105.32773: 30797 NXDomain 0/1/0 (104)
10:12:25.553281 IP 192.168.0.105 > 66.249.89.104: ICMP echo request, id 6940, seq 3, length 64
10:12:25.581201 IP 66.249.89.104 > 192.168.0.105: ICMP echo reply, id 6940, seq 3, length 64
10:12:25.581503 IP 192.168.0.105.32773 > 192.168.0.1.53: 39408+ PTR? 104.89.249.66.in-addr.arpa. (44)
10:12:25.584855 IP 192.168.0.1.53 > 192.168.0.105.32773: 39408 NXDomain 0/1/0 (104)
10:12:25.761170 IP 192.168.0.105.59005 > 193.138.221.213.4242: S 1157713925:1157713925(0) win 5840 <mss 1460,sackOK,timestamp 573614 0,nop,wscale 7>
10:12:26.553299 IP 192.168.0.105 > 66.249.89.104: ICMP echo request, id 6940, seq 4, length 64
10:12:26.579262 IP 66.249.89.104 > 192.168.0.105: ICMP echo reply, id 6940, seq 4, length 64
10:12:26.579562 IP 192.168.0.105.32773 > 192.168.0.1.53: 49193+ PTR? 104.89.249.66.in-addr.arpa. (44)
10:12:26.583011 IP 192.168.0.1.53 > 192.168.0.105.32773: 49193 NXDomain 0/1/0 (104)
10:12:26.761213 IP 192.168.0.105.44596 > 66.172.60.151.4661: S 1155817203:1155817203(0) win 5840 <mss 1460,sackOK,timestamp 573864 0,nop,wscale 7>
10:12:27.390775 arp who-has 192.168.0.106 tell 192.168.0.100
10:12:27.553281 IP 192.168.0.105 > 66.249.89.104: ICMP echo request, id 6940, seq 5, length 64
10:12:27.579559 IP 66.249.89.104 > 192.168.0.105: ICMP echo reply, id 6940, seq 5, length 64
10:12:27.579866 IP 192.168.0.105.32773 > 192.168.0.1.53: 60877+ PTR? 104.89.249.66.in-addr.arpa. (44)
10:12:27.583528 IP 192.168.0.1.53 > 192.168.0.105.32773: 60877 NXDomain 0/1/0 (104)
10:12:28.553316 IP 192.168.0.105 > 66.249.89.104: ICMP echo request, id 6940, seq 6, length 64
10:12:28.579703 IP 66.249.89.104 > 192.168.0.105: ICMP echo reply, id 6940, seq 6, length 64
10:12:28.580008 IP 192.168.0.105.32773 > 192.168.0.1.53: 4513+ PTR? 104.89.249.66.in-addr.arpa. (44)
10:12:28.583434 IP 192.168.0.1.53 > 192.168.0.105.32773: 4513 NXDomain 0/1/0 (104)
10:12:29.629640 IP 192.168.0.105.631 > 192.168.0.255.631: UDP, length 183
10:12:37.761641 IP 192.168.0.105.59005 > 193.138.221.213.4242: S 1157713925:1157713925(0) win 5840 <mss 1460,sackOK,timestamp 576614 0,nop,wscale 7>
10:12:38.761679 IP 192.168.0.105.44596 > 66.172.60.151.4661: S 1155817203:1155817203(0) win 5840 <mss 1460,sackOK,timestamp 576864 0,nop,wscale 7>
10:12:40.249037 IP 192.168.0.105.32773 > 192.168.0.1.53: 14045+ A? www.gmail.com. (31)
10:12:40.252522 IP 192.168.0.1.53 > 192.168.0.105.32773: 14045 5/7/7 CNAME[|domain]
10:12:40.253013 IP 192.168.0.105 > 209.85.139.18: ICMP echo request, id 8988, seq 1, length 64
10:12:40.440818 IP 209.85.139.18 > 192.168.0.105: ICMP echo reply, id 8988, seq 1, length 64
10:12:40.441181 IP 192.168.0.105.32773 > 192.168.0.1.53: 64316+ PTR? 18.139.85.209.in-addr.arpa. (44)
10:12:40.444616 IP 192.168.0.1.53 > 192.168.0.105.32773: 64316 1/4/4 (214)
10:12:41.253890 IP 192.168.0.105 > 209.85.139.18: ICMP echo request, id 8988, seq 2, length 64
10:12:41.441791 IP 209.85.139.18 > 192.168.0.105: ICMP echo reply, id 8988, seq 2, length 64
10:12:41.442105 IP 192.168.0.105.32773 > 192.168.0.1.53: 44627+ PTR? 18.139.85.209.in-addr.arpa. (44)
10:12:41.445545 IP 192.168.0.1.53 > 192.168.0.105.32773: 44627 1/4/4 (214)
10:12:41.862822 IP 192.168.0.105.58506 > 194.213.0.30.3306: S 1191987708:1191987708(0) win 5840 <mss 1460,sackOK,timestamp 577639 0,nop,wscale 7>
10:12:42.253861 IP 192.168.0.105 > 209.85.139.18: ICMP echo request, id 8988, seq 3, length 64
10:12:42.442505 IP 209.85.139.18 > 192.168.0.105: ICMP echo reply, id 8988, seq 3, length 64
10:12:42.442814 IP 192.168.0.105.32773 > 192.168.0.1.53: 26118+ PTR? 18.139.85.209.in-addr.arpa. (44)
10:12:42.446249 IP 192.168.0.1.53 > 192.168.0.105.32773: 26118 1/4/4 (214)
10:12:42.862707 IP 192.168.0.105.45031 > 66.172.60.130.4661: S 1191649307:1191649307(0) win 5840 <mss 1460,sackOK,timestamp 577889 0,nop,wscale 7>
10:12:43.253959 IP 192.168.0.105 > 209.85.139.18: ICMP echo request, id 8988, seq 4, length 64
10:12:43.441902 IP 209.85.139.18 > 192.168.0.105: ICMP echo reply, id 8988, seq 4, length 64
10:12:43.442212 IP 192.168.0.105.32773 > 192.168.0.1.53: 12670+ PTR? 18.139.85.209.in-addr.arpa. (44)
10:12:43.445663 IP 192.168.0.1.53 > 192.168.0.105.32773: 12670 1/4/4 (214)
10:12:44.253940 IP 192.168.0.105 > 209.85.139.18: ICMP echo request, id 8988, seq 5, length 64
10:12:44.440897 IP 209.85.139.18 > 192.168.0.105: ICMP echo reply, id 8988, seq 5, length 64
10:12:44.441205 IP 192.168.0.105.32773 > 192.168.0.1.53: 58781+ PTR? 18.139.85.209.in-addr.arpa. (44)
10:12:44.444747 IP 192.168.0.1.53 > 192.168.0.105.32773: 58781 1/4/4 (214)
10:12:44.861920 IP 192.168.0.105.58506 > 194.213.0.30.3306: S 1191987708:1191987708(0) win 5840 <mss 1460,sackOK,timestamp 578389 0,nop,wscale 7>
10:12:45.253988 IP 192.168.0.105 > 209.85.139.18: ICMP echo request, id 8988, seq 6, length 64
10:12:45.441723 IP 209.85.139.18 > 192.168.0.105: ICMP echo reply, id 8988, seq 6, length 64
10:12:45.442053 IP 192.168.0.105.32773 > 192.168.0.1.53: 40140+ PTR? 18.139.85.209.in-addr.arpa. (44)
10:12:45.445451 IP 192.168.0.1.53 > 192.168.0.105.32773: 40140 1/4/4 (214)
10:12:45.634740 IP 192.168.0.105.139 > 192.168.0.100.1723: P 786785374:786785378(4) ack 3139137319 win 10720: pptp [|pptp]
10:12:45.792796 arp who-has 192.168.0.105 tell 192.168.0.100
10:12:45.792824 arp reply 192.168.0.105 is-at 00:0f:b0:0f:6b:bf
10:12:45.793065 IP 192.168.0.100.1723 > 192.168.0.105.139: . ack 4 win 16483
10:12:45.861963 IP 192.168.0.105.45031 > 66.172.60.130.4661: S 1191649307:1191649307(0) win 5840 <mss 1460,sackOK,timestamp 578639 0,nop,wscale 7>
10:12:46.258860 IP 192.168.0.105 > 209.85.139.18: ICMP echo request, id 8988, seq 7, length 64
10:12:46.446836 IP 209.85.139.18 > 192.168.0.105: ICMP echo reply, id 8988, seq 7, length 64
10:12:46.447141 IP 192.168.0.105.32773 > 192.168.0.1.53: 20553+ PTR? 18.139.85.209.in-addr.arpa. (44)
10:12:46.450571 IP 192.168.0.1.53 > 192.168.0.105.32773: 20553 1/4/4 (214)
10:12:50.434098 arp who-has 192.168.0.1 tell 192.168.0.103
10:12:50.864632 IP 192.168.0.105.58506 > 194.213.0.30.3306: S 1191987708:1191987708(0) win 5840 <mss 1460,sackOK,timestamp 579889 0,nop,wscale 7>
10:12:51.862197 IP 192.168.0.105.45031 > 66.172.60.130.4661: S 1191649307:1191649307(0) win 5840 <mss 1460,sackOK,timestamp 580139 0,nop,wscale 7>
10:12:57.130784 IP 192.168.0.105.32773 > 192.168.0.1.53: 2320+ A? www.yahoo.com. (31)
10:12:57.134506 IP 192.168.0.1.53 > 192.168.0.105.32773: 2320 2/8/8 CNAME[|domain]
10:12:57.135424 IP 192.168.0.105 > 209.131.36.158: ICMP echo request, id 10012, seq 1, length 64
10:12:57.271939 IP 209.131.36.158 > 192.168.0.105: ICMP echo reply, id 10012, seq 1, length 64
10:12:57.272301 IP 192.168.0.105.32773 > 192.168.0.1.53: 61566+ PTR? 158.36.131.209.in-addr.arpa. (45)
10:12:57.275772 IP 192.168.0.1.53 > 192.168.0.105.32773: 61566 1/5/5 (253)
10:12:58.134556 IP 192.168.0.105 > 209.131.36.158: ICMP echo request, id 10012, seq 2, length 64
10:12:58.271055 IP 209.131.36.158 > 192.168.0.105: ICMP echo reply, id 10012, seq 2, length 64
10:12:58.271364 IP 192.168.0.105.32773 > 192.168.0.1.53: 12004+ PTR? 158.36.131.209.in-addr.arpa. (45)
10:12:58.274793 IP 192.168.0.1.53 > 192.168.0.105.32773: 12004 1/5/5 (253)
10:12:59.134539 IP 192.168.0.105 > 209.131.36.158: ICMP echo request, id 10012, seq 3, length 64
10:12:59.271832 IP 209.131.36.158 > 192.168.0.105: ICMP echo reply, id 10012, seq 3, length 64
10:12:59.272140 IP 192.168.0.105.32773 > 192.168.0.1.53: 26787+ PTR? 158.36.131.209.in-addr.arpa. (45)
10:12:59.275595 IP 192.168.0.1.53 > 192.168.0.105.32773: 26787 1/5/5 (253)
10:13:00.134562 IP 192.168.0.105 > 209.131.36.158: ICMP echo request, id 10012, seq 4, length 64
10:13:00.271875 IP 209.131.36.158 > 192.168.0.105: ICMP echo reply, id 10012, seq 4, length 64
10:13:00.272184 IP 192.168.0.105.32773 > 192.168.0.1.53: 42602+ PTR? 158.36.131.209.in-addr.arpa. (45)
10:13:00.275618 IP 192.168.0.1.53 > 192.168.0.105.32773: 42602 1/5/5 (253)
10:13:00.634722 IP 192.168.0.105.631 > 192.168.0.255.631: UDP, length 183
10:13:01.134615 IP 192.168.0.105 > 209.131.36.158: ICMP echo request, id 10012, seq 5, length 64
10:13:01.270838 IP 209.131.36.158 > 192.168.0.105: ICMP echo reply, id 10012, seq 5, length 64
10:13:01.272034 IP 192.168.0.105.32773 > 192.168.0.1.53: 57692+ PTR? 158.36.131.209.in-addr.arpa. (45)
10:13:01.275507 IP 192.168.0.1.53 > 192.168.0.105.32773: 57692 1/5/5 (253)
10:13:02.131115 arp who-has 192.168.0.105 tell 192.168.0.1
10:13:02.131144 arp reply 192.168.0.105 is-at 00:0f:b0:0f:6b:bf
10:13:02.134673 IP 192.168.0.105 > 209.131.36.158: ICMP echo request, id 10012, seq 6, length 64
10:13:02.269406 IP 209.131.36.158 > 192.168.0.105: ICMP echo reply, id 10012, seq 6, length 64
10:13:02.269713 IP 192.168.0.105.32773 > 192.168.0.1.53: 7347+ PTR? 158.36.131.209.in-addr.arpa. (45)
10:13:02.273231 IP 192.168.0.1.53 > 192.168.0.105.32773: 7347 1/5/5 (253)
10:13:02.862630 IP 192.168.0.105.58506 > 194.213.0.30.3306: S 1191987708:1191987708(0) win 5840 <mss 1460,sackOK,timestamp 582889 0,nop,wscale 7>
10:13:03.134683 IP 192.168.0.105 > 209.131.36.158: ICMP echo request, id 10012, seq 7, length 64
10:13:03.273143 IP 209.131.36.158 > 192.168.0.105: ICMP echo reply, id 10012, seq 7, length 64
10:13:03.273454 IP 192.168.0.105.32773 > 192.168.0.1.53: 8190+ PTR? 158.36.131.209.in-addr.arpa. (45)
10:13:03.276875 IP 192.168.0.1.53 > 192.168.0.105.32773: 8190 1/5/5 (253)
10:13:03.862668 IP 192.168.0.105.45031 > 66.172.60.130.4661: S 1191649307:1191649307(0) win 5840 <mss 1460,sackOK,timestamp 583139 0,nop,wscale 7>
10:13:04.134723 IP 192.168.0.105 > 209.131.36.158: ICMP echo request, id 10012, seq 8, length 64
10:13:04.270556 IP 209.131.36.158 > 192.168.0.105: ICMP echo reply, id 10012, seq 8, length 64
10:13:04.270879 IP 192.168.0.105.32773 > 192.168.0.1.53: 21734+ PTR? 158.36.131.209.in-addr.arpa. (45)
10:13:04.274474 IP 192.168.0.1.53 > 192.168.0.105.32773: 21734 1/5/5 (253)
10:13:05.134792 IP 192.168.0.105 > 209.131.36.158: ICMP echo request, id 10012, seq 9, length 64
10:13:05.270612 IP 209.131.36.158 > 192.168.0.105: ICMP echo reply, id 10012, seq 9, length 64
10:13:05.270890 IP 192.168.0.105.32773 > 192.168.0.1.53: 22207+ PTR? 158.36.131.209.in-addr.arpa. (45)
10:13:05.274457 IP 192.168.0.1.53 > 192.168.0.105.32773: 22207 1/5/5 (253)
Well, that's pretty much it. I'm going to try to know whether the new network has some kind of special configuration, but appart from that, I7m completely in the dark.
The riddle is easy, really: the new network is configured to access the internet through a proxy, which of course I hadn't set up.
Now that I did, I can access.
But...
It works only once. Basically, it can access and download the very first link it has (as defined in the homepage location in the preferences) and then stalls. That mean that if that first link is a page with images, I'll not see these - for instance google gives me the text but not the 'Google' picture and forget about making any search.
I tried it with both ipv6 enabled or disabled with no change in behavior. The windows boxes don't have this problem, and to add insult to injury, using IE with Crossover on my computer gets me a fairly normal behavior and browsing speed.
Since firefox works whithout a hitch on a windows box once the proxy is properly set up, I really don't know what to do.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.