LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page On all networks but one, internet access is ok !?
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 12-13-2006, 06:08 PM   #1
grenier
Member
 
Registered: Jun 2004
Posts: 46

Rep: Reputation: 16
On all networks but one, internet access is ok !?

Here is my situation:

Because of my job, I use my laptop (Mandriva 2007) on several different networks (7, to be precise, including my own at home). With no exception, there're all adsl modem/router. Because of this, my computer is configured to get its network/internet settings automatically through DHCP from each modem/server.

Until now, I had no problem, but coming back after one month to one of the school I work, I found out their network configuration had been modified (new ISP, I believe), and I now can't properly access the internet there.

To be more precise, my computer gets access to the local network (can see/access other computers on it). I can ping wherever I wish, be it from IP addresses or site names (google, yahoo...). But, if I try to properly access the internet through whatever application (browsers including lynx, mailer, news, lastfm, telnet, bittorrent, you name it...) I can access nothing - though the name resolution process properly. It just doesn't load anything. Just to make sure, I also tried disabling IPV6 in firefox, but no cookie.

Checking on another computer that works properly, gateway and DNS server seem properly set up.

Once again, on another network the day before and my own in the evening, there's no problem.

Of course, all the schools' networks are populated with windows box only, and the other people there are of no help, both because of their lack of skill and the language barrier.


Would anybody have any idea?
 
Old 12-14-2006, 08:22 AM   #2
amitsharma_26
Member
 
Registered: Sep 2005
Location: New delhi
Distribution: RHEL 3.0/4.0
Posts: 777

Rep: Reputation: 31
That sounds a little strange; Can you please post the output of
Code:
iptables -nvL
&
Code:
tcpdump -nn
while you do some browsing.
 
Old 12-14-2006, 06:13 PM   #3
grenier
Member
 
Registered: Jun 2004
Posts: 46

Original Poster
Rep: Reputation: 16
Thanks for answering - yes 'a little strange' seems completely appropriate .

Anyway, here the output from 'iptables -nvL':

Chain INPUT (policy ACCEPT 18 packets, 2158 bytes)
pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 17 packets, 1219 bytes)
pkts bytes target prot opt in out source destination


======

And from tcpdump, exact command, term and file output while trying to browse first google and then slashdot:

Command :
tcpdump -nn > TCPDump.txt

Output in term:

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
291 packets captured
582 packets received by filter
0 packets dropped by kernel

TCPDump.txt:

09:01:37.430126 IP 192.168.0.113.631 > 192.168.0.255.631: UDP, length 183
09:01:37.481488 IP 192.168.0.104.1140 > 192.168.0.113.445: P 3318215103:3318215142(39) ack 1551880277 win 65133
09:01:37.481855 IP 192.168.0.113.445 > 192.168.0.104.1140: P 1:40(39) ack 39 win 10720
09:01:37.482091 IP 192.168.0.104.1140 > 192.168.0.113.445: P 39:82(43) ack 40 win 65094
09:01:37.482495 IP 192.168.0.113.445 > 192.168.0.104.1140: P 40:83(43) ack 82 win 10720
09:01:37.482698 IP 192.168.0.104.1140 > 192.168.0.113.445: P 82:121(39) ack 83 win 65051
09:01:37.482844 IP 192.168.0.113.445 > 192.168.0.104.1140: P 83:122(39) ack 121 win 10720
09:01:37.483134 IP 192.168.0.104.1140 > 192.168.0.113.445: F 121:121(0) ack 122 win 65012
09:01:37.484909 IP 192.168.0.113.445 > 192.168.0.104.1140: F 122:122(0) ack 122 win 10720
09:01:37.485065 IP 192.168.0.104.1140 > 192.168.0.113.445: . ack 123 win 65012
09:01:40.814022 IP 192.168.0.113.45333 > 85.17.7.135.3210: S 1546616727:1546616727(0) win 5840 <mss 1460,sackOK,timestamp 424555 0,nop,wscale 7>
09:01:41.349368 arp who-has 192.168.0.70 tell 192.168.0.104
09:01:42.904422 IP 192.168.0.113.46048 > 64.233.167.99.80: S 1557175616:1557175616(0) win 5840 <mss 1460,sackOK,timestamp 425077 0,nop,wscale 7>
09:01:43.214109 IP 192.168.0.113.60812 > 64.34.174.166.1635: S 1529783563:1529783563(0) win 5840 <mss 1460,sackOK,timestamp 425155 0,nop,wscale 7>
09:01:45.902185 IP 192.168.0.113.46048 > 64.233.167.99.80: S 1557175616:1557175616(0) win 5840 <mss 1460,sackOK,timestamp 425827 0,nop,wscale 7>
09:01:47.616186 IP 192.168.0.113.53560 > 66.90.73.253.8899: S 1567456975:1567456975(0) win 5840 <mss 1460,sackOK,timestamp 426255 0,nop,wscale 7>
09:01:50.614348 IP 192.168.0.113.53560 > 66.90.73.253.8899: S 1567456975:1567456975(0) win 5840 <mss 1460,sackOK,timestamp 427005 0,nop,wscale 7>
09:01:51.906456 IP 192.168.0.113.46048 > 64.233.167.99.80: S 1557175616:1557175616(0) win 5840 <mss 1460,sackOK,timestamp 427328 0,nop,wscale 7>
09:01:52.814421 IP 192.168.0.113.45333 > 85.17.7.135.3210: S 1546616727:1546616727(0) win 5840 <mss 1460,sackOK,timestamp 427555 0,nop,wscale 7>
09:01:54.310458 arp who-has 192.168.0.1 tell 192.168.0.113
09:01:54.312092 arp reply 192.168.0.1 is-at 00:0a:79:93:5f:c3
09:01:56.614555 IP 192.168.0.113.53560 > 66.90.73.253.8899: S 1567456975:1567456975(0) win 5840 <mss 1460,sackOK,timestamp 428505 0,nop,wscale 7>
09:01:57.216262 IP 192.168.0.113.58557 > 213.251.161.69.4661: S 1573566687:1573566687(0) win 5840 <mss 1460,sackOK,timestamp 428655 0,nop,wscale 7>
09:01:58.382996 IP 192.168.0.113.32771 > 192.168.0.1.53: 28459+ A? slashdot.org. (30)
09:01:58.386330 IP 192.168.0.1.53 > 192.168.0.113.32771: 28459 1/5/5 A 66.35.250.150 (235)
09:01:58.386862 IP 192.168.0.113.52886 > 66.35.250.150.80: S 1576941090:1576941090(0) win 5840 <mss 1460,sackOK,timestamp 428948 0,nop,wscale 7>
09:01:59.207282 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:01:59.211127 arp who-has 192.168.0.108 tell 192.168.0.90
09:01:59.408258 IP 192.168.0.108.138 > 192.168.0.255.138: NBT UDP PACKET(138)
09:01:59.408423 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:01:59.410630 arp who-has 192.168.0.108 tell 192.168.0.113
09:01:59.410761 arp reply 192.168.0.108 is-at 00:e0:00:3c:66:95
09:01:59.410774 IP 192.168.0.113.138 > 192.168.0.108.138: NBT UDP PACKET(138)
09:02:00.157099 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:00.214668 IP 192.168.0.113.58557 > 213.251.161.69.4661: S 1573566687:1573566687(0) win 5840 <mss 1460,sackOK,timestamp 429405 0,nop,wscale 7>
09:02:00.908220 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:01.386700 IP 192.168.0.113.52886 > 66.35.250.150.80: S 1576941090:1576941090(0) win 5840 <mss 1460,sackOK,timestamp 429698 0,nop,wscale 7>
09:02:01.684838 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:01.685026 IP 192.168.0.113.137 > 192.168.0.108.137: NBT UDP PACKET(137): QUERY; POSITIVE; RESPONSE; UNICAST
09:02:01.685280 IP 192.168.0.108.1112 > 192.168.0.113.139: S 1657019969:1657019969(0) win 65535 <mss 1460,nop,nop,sackOK>
09:02:01.685320 IP 192.168.0.113.139 > 192.168.0.108.1112: S 1568903161:1568903161(0) ack 1657019970 win 5840 <mss 1460,nop,nop,sackOK>
09:02:01.685505 IP 192.168.0.108.1112 > 192.168.0.113.139: P 1:73(72) ack 1 win 65535 NBT Session Packet: Session Request
09:02:01.685545 IP 192.168.0.113.139 > 192.168.0.108.1112: . ack 73 win 5840
09:02:01.690519 IP 192.168.0.113.139 > 192.168.0.108.1112: P 1:5(4) ack 73 win 5840 NBT Session Packet: Session Granted
09:02:01.690958 IP 192.168.0.108.1112 > 192.168.0.113.139: P 73:210(137) ack 5 win 65531 NBT Session Packet: Session Message
09:02:01.691865 IP 192.168.0.113.139 > 192.168.0.108.1112: P 5:136(131) ack 210 win 6432 NBT Session Packet: Session Message
09:02:01.732837 IP 192.168.0.108.1112 > 192.168.0.113.139: P 210:450(240) ack 136 win 65400 NBT Session Packet: Session Message
09:02:01.734075 IP 192.168.0.113.139 > 192.168.0.108.1112: P 136:392(256) ack 450 win 7504 NBT Session Packet: Session Message
09:02:01.734762 IP 192.168.0.108.1112 > 192.168.0.113.139: P 450:732(282) ack 392 win 65144 NBT Session Packet: Session Message
09:02:01.735781 IP 192.168.0.113.139 > 192.168.0.108.1112: P 392:504(112) ack 732 win 8576 NBT Session Packet: Session Message
09:02:01.756470 IP 192.168.0.108.1112 > 192.168.0.113.139: P 732:816(84) ack 504 win 65032 NBT Session Packet: Session Message
09:02:01.757160 IP 192.168.0.113.139 > 192.168.0.108.1112: P 504:556(52) ack 816 win 8576 NBT Session Packet: Session Message
09:02:01.757851 IP 192.168.0.108.1112 > 192.168.0.113.139: P 816:947(131) ack 556 win 64980 NBT Session Packet: Session Message
09:02:01.758250 IP 192.168.0.113.139 > 192.168.0.108.1112: P 556:671(115) ack 947 win 9648 NBT Session Packet: Session Message
09:02:01.758660 IP 192.168.0.108.1112 > 192.168.0.113.139: P 947:990(43) ack 671 win 64865 NBT Session Packet: Session Message
09:02:01.758891 IP 192.168.0.113.139 > 192.168.0.108.1112: P 671:714(43) ack 990 win 9648 NBT Session Packet: Session Message
09:02:01.759125 IP 192.168.0.108.1112 > 192.168.0.113.139: P 990:1029(39) ack 714 win 64822 NBT Session Packet: Session Message
09:02:01.759278 IP 192.168.0.113.139 > 192.168.0.108.1112: P 714:753(39) ack 1029 win 9648 NBT Session Packet: Session Message
09:02:01.760562 IP 192.168.0.108.1112 > 192.168.0.113.139: F 1029:1029(0) ack 753 win 64783
09:02:01.762328 IP 192.168.0.113.139 > 192.168.0.108.1112: F 753:753(0) ack 1030 win 9648
09:02:01.762522 IP 192.168.0.108.1112 > 192.168.0.113.139: . ack 754 win 64783
09:02:01.824394 IP 192.168.0.108.1114 > 192.168.0.113.139: S 3960164945:3960164945(0) win 65535 <mss 1460,nop,nop,sackOK>
09:02:01.824440 IP 192.168.0.113.139 > 192.168.0.108.1114: S 1574697157:1574697157(0) ack 3960164946 win 5840 <mss 1460,nop,nop,sackOK>
09:02:01.824639 IP 192.168.0.108.1114 > 192.168.0.113.139: P 1:73(72) ack 1 win 65535 NBT Session Packet: Session Request
09:02:01.824676 IP 192.168.0.113.139 > 192.168.0.108.1114: . ack 73 win 5840
09:02:01.827437 IP 192.168.0.113.139 > 192.168.0.108.1114: P 1:5(4) ack 73 win 5840 NBT Session Packet: Session Granted
09:02:01.870721 IP 192.168.0.108.1114 > 192.168.0.113.139: P 73:210(137) ack 5 win 65531 NBT Session Packet: Session Message
09:02:01.871399 IP 192.168.0.113.139 > 192.168.0.108.1114: P 5:136(131) ack 210 win 6432 NBT Session Packet: Session Message
09:02:01.872451 IP 192.168.0.108.1114 > 192.168.0.113.139: P 210:450(240) ack 136 win 65400 NBT Session Packet: Session Message
09:02:01.873560 IP 192.168.0.113.139 > 192.168.0.108.1114: P 136:392(256) ack 450 win 7504 NBT Session Packet: Session Message
09:02:01.912282 IP 192.168.0.108.1114 > 192.168.0.113.139: P 450:810(360) ack 392 win 65144 NBT Session Packet: Session Message
09:02:01.913092 IP 192.168.0.113.139 > 192.168.0.108.1114: P 392:504(112) ack 810 win 8576 NBT Session Packet: Session Message
09:02:01.913856 IP 192.168.0.108.1114 > 192.168.0.113.139: P 810:894(84) ack 504 win 65032 NBT Session Packet: Session Message
09:02:01.914662 IP 192.168.0.113.139 > 192.168.0.108.1114: P 504:556(52) ack 894 win 8576 NBT Session Packet: Session Message
09:02:01.988613 IP 192.168.0.108.1114 > 192.168.0.113.139: P 894:998(104) ack 556 win 64980 NBT Session Packet: Session Message
09:02:01.989068 IP 192.168.0.113.139 > 192.168.0.108.1114: P 556:663(107) ack 998 win 8576 NBT Session Packet: Session Message
09:02:02.038884 IP 192.168.0.108.1114 > 192.168.0.113.139: P 998:1138(140) ack 663 win 64873 NBT Session Packet: Session Message
09:02:02.039186 IP 192.168.0.113.139 > 192.168.0.108.1114: P 663:714(51) ack 1138 win 9648 NBT Session Packet: Session Message
09:02:02.040012 IP 192.168.0.108.1114 > 192.168.0.113.139: P 1138:1201(63) ack 714 win 64822 NBT Session Packet: Session Message
09:02:02.040079 IP 192.168.0.113.139 > 192.168.0.108.1114: P 714:845(131) ack 1201 win 9648 NBT Session Packet: Session Message
09:02:02.041334 IP 192.168.0.108.1114 > 192.168.0.113.139: P 1201:1377(176) ack 845 win 64691 NBT Session Packet: Session Message
09:02:02.041701 IP 192.168.0.113.139 > 192.168.0.108.1114: P 845:1521(676) ack 1377 win 10720 NBT Session Packet: Session Message
09:02:02.042279 IP 192.168.0.108.1114 > 192.168.0.113.139: P 1377:1422(45) ack 1521 win 65535 NBT Session Packet: Session Message
09:02:02.042356 IP 192.168.0.113.139 > 192.168.0.108.1114: P 1521:1560(39) ack 1422 win 10720 NBT Session Packet: Session Message
09:02:02.054015 arp who-has 192.168.0.1 tell 192.168.0.108
09:02:02.090983 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:02.116302 IP 192.168.0.108 > 192.168.0.113: ICMP echo request, id 512, seq 256, length 40
09:02:02.116349 IP 192.168.0.113 > 192.168.0.108: ICMP echo reply, id 512, seq 256, length 40
09:02:02.149947 IP 192.168.0.108.1114 > 192.168.0.113.139: . ack 1560 win 65496
09:02:02.176264 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:02.841064 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:02.921179 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:03.376683 arp who-has 192.168.0.113 tell 192.168.0.1
09:02:03.376709 arp reply 192.168.0.113 is-at 00:0f:b0:0f:6b:bf
09:02:03.592124 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:03.672228 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:04.424254 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:05.174417 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:05.925523 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:06.214866 IP 192.168.0.113.58557 > 213.251.161.69.4661: S 1573566687:1573566687(0) win 5840 <mss 1460,sackOK,timestamp 430905 0,nop,wscale 7>
09:02:06.724172 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:06.724637 arp who-has 192.168.0.108 tell 192.168.0.102
09:02:06.732981 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:06.819142 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:07.386901 IP 192.168.0.113.52886 > 66.35.250.150.80: S 1576941090:1576941090(0) win 5840 <mss 1460,sackOK,timestamp 431198 0,nop,wscale 7>
09:02:07.567912 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:08.319005 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:08.431168 IP 192.168.0.113.631 > 192.168.0.255.631: UDP, length 183
09:02:08.614946 IP 192.168.0.113.53560 > 66.90.73.253.8899: S 1567456975:1567456975(0) win 5840 <mss 1460,sackOK,timestamp 431505 0,nop,wscale 7>
09:02:11.882548 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:12.625277 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:12.845606 IP 192.168.0.108.1114 > 192.168.0.113.139: P 1422:1465(43) ack 1560 win 65496 NBT Session Packet: Session Message
09:02:12.845831 IP 192.168.0.113.139 > 192.168.0.108.1114: P 1560:1603(43) ack 1465 win 10720 NBT Session Packet: Session Message
09:02:12.846070 IP 192.168.0.108.1114 > 192.168.0.113.139: P 1465:1504(39) ack 1603 win 65453 NBT Session Packet: Session Message
09:02:12.846244 IP 192.168.0.113.139 > 192.168.0.108.1114: P 1603:1642(39) ack 1504 win 10720 NBT Session Packet: Session Message
09:02:12.846592 IP 192.168.0.108.1114 > 192.168.0.113.139: F 1504:1504(0) ack 1642 win 65414
09:02:12.848431 IP 192.168.0.113.139 > 192.168.0.108.1114: F 1642:1642(0) ack 1505 win 10720
09:02:12.848610 IP 192.168.0.108.1114 > 192.168.0.113.139: . ack 1643 win 65414
09:02:13.117233 IP 192.168.0.113.45681 > 88.191.28.178.4232: S 1595015881:1595015881(0) win 5840 <mss 1460,sackOK,timestamp 432630 0,nop,wscale 7>
09:02:13.282570 IPX 00000000.00:e0:00:8a:c7:98.4008 > 00000000.ff:ff:ff:ff:ff:ff.0452: ipx-sap-resp 0640 'FM-ARASINA[|ipx 64]
09:02:13.383165 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:14.132971 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:14.878554 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:15.629656 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:16.115200 IP 192.168.0.113.45681 > 88.191.28.178.4232: S 1595015881:1595015881(0) win 5840 <mss 1460,sackOK,timestamp 433380 0,nop,wscale 7>
09:02:16.389329 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:16.456778 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:16.460294 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:17.201947 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:17.202057 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:17.953043 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:17.953156 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:18.215268 IP 192.168.0.113.58557 > 213.251.161.69.4661: S 1573566687:1573566687(0) win 5840 <mss 1460,sackOK,timestamp 433905 0,nop,wscale 7>

<snip> for length
 
Old 12-14-2006, 06:14 PM   #4
grenier
Member
 
Registered: Jun 2004
Posts: 46

Original Poster
Rep: Reputation: 16
Here is the end of the output from tcpdump:


09:02:18.707336 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:19.387300 IP 192.168.0.113.52886 > 66.35.250.150.80: S 1576941090:1576941090(0) win 5840 <mss 1460,sackOK,timestamp 434198 0,nop,wscale 7>
09:02:19.455232 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:20.206324 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:20.962594 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:20.966165 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:21.708514 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:21.708628 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:22.115398 IP 192.168.0.113.45681 > 88.191.28.178.4232: S 1595015881:1595015881(0) win 5840 <mss 1460,sackOK,timestamp 434880 0,nop,wscale 7>
09:02:22.459609 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:22.459728 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:22.517197 IP 192.168.0.113.50632 > 212.25.103.162.4232: S 1594923216:1594923216(0) win 5840 <mss 1460,sackOK,timestamp 434980 0,nop,wscale 7>
09:02:23.211865 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:23.961802 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:24.618637 IPX 00000000.00:e0:00:8a:c7:98.0453 > 00000000.ff:ff:ff:ff:ff:ff.0453: ipx-rip-resp 1142348611/1.2
09:02:24.712898 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:25.515520 IP 192.168.0.113.50632 > 212.25.103.162.4232: S 1594923216:1594923216(0) win 5840 <mss 1460,sackOK,timestamp 435730 0,nop,wscale 7>
09:02:25.600810 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:25.600984 IP 192.168.0.113.137 > 192.168.0.108.137: NBT UDP PACKET(137): QUERY; POSITIVE; RESPONSE; UNICAST
09:02:25.601448 IP 192.168.0.108 > 192.168.0.113: ICMP echo request, id 512, seq 1024, length 40
09:02:25.601467 IP 192.168.0.113 > 192.168.0.108: ICMP echo reply, id 512, seq 1024, length 40
09:02:25.601897 IP 192.168.0.108.1132 > 192.168.0.113.445: S 3547043033:3547043033(0) win 65535 <mss 1460,nop,nop,sackOK>
09:02:25.601928 IP 192.168.0.113.445 > 192.168.0.108.1132: S 1596515992:1596515992(0) ack 3547043034 win 5840 <mss 1460,nop,nop,sackOK>
09:02:25.602072 IP 192.168.0.108.1132 > 192.168.0.113.445: . ack 1 win 65535
09:02:25.602741 IP 192.168.0.108.1132 > 192.168.0.113.445: P 1:138(137) ack 1 win 65535
09:02:25.602772 IP 192.168.0.113.445 > 192.168.0.108.1132: . ack 138 win 6432
09:02:25.610951 IP 192.168.0.113.445 > 192.168.0.108.1132: P 1:132(131) ack 138 win 6432
09:02:25.611980 IP 192.168.0.108.1132 > 192.168.0.113.445: P 138:378(240) ack 132 win 65404
09:02:25.613562 IP 192.168.0.113.445 > 192.168.0.108.1132: P 132:388(256) ack 378 win 7504
09:02:25.614438 IP 192.168.0.108.1132 > 192.168.0.113.445: P 378:660(282) ack 388 win 65148
09:02:25.615321 IP 192.168.0.113.445 > 192.168.0.108.1132: P 388:500(112) ack 660 win 8576
09:02:25.616065 IP 192.168.0.108.1132 > 192.168.0.113.445: P 660:744(84) ack 500 win 65036
09:02:25.616597 IP 192.168.0.113.445 > 192.168.0.108.1132: P 500:552(52) ack 744 win 8576
09:02:25.617230 IP 192.168.0.108.1132 > 192.168.0.113.445: P 744:862(118) ack 552 win 64984
09:02:25.617455 IP 192.168.0.113.445 > 192.168.0.108.1132: P 552:786(234) ack 862 win 8576
09:02:25.620385 IP 192.168.0.108.1132 > 192.168.0.113.445: P 862:1102(240) ack 786 win 64750
09:02:25.620664 IP 192.168.0.113.445 > 192.168.0.108.1132: P 786:1042(256) ack 1102 win 9648
09:02:25.621494 IP 192.168.0.108.1132 > 192.168.0.113.445: P 1102:1462(360) ack 1042 win 64494
09:02:25.622058 IP 192.168.0.113.445 > 192.168.0.108.1132: P 1042:1154(112) ack 1462 win 10720
09:02:25.622781 IP 192.168.0.108.1132 > 192.168.0.113.445: P 1462:1562(100) ack 1154 win 64382
09:02:25.623312 IP 192.168.0.113.445 > 192.168.0.108.1132: P 1154:1212(58) ack 1562 win 10720
09:02:25.624047 IP 192.168.0.108.1132 > 192.168.0.113.445: P 1562:1652(90) ack 1212 win 64324
09:02:25.624483 IP 192.168.0.113.445 > 192.168.0.108.1132: P 1212:1319(107) ack 1652 win 10720
09:02:25.630182 IP 192.168.0.108.1132 > 192.168.0.113.445: P 1652:1728(76) ack 1319 win 64217
09:02:25.630366 IP 192.168.0.113.445 > 192.168.0.108.1132: P 1319:1391(72) ack 1728 win 10720
09:02:25.646298 IP 192.168.0.108.1132 > 192.168.0.113.445: P 1728:1773(45) ack 1391 win 64145
09:02:25.646479 IP 192.168.0.113.445 > 192.168.0.108.1132: P 1391:1430(39) ack 1773 win 10720
09:02:25.647287 IP 192.168.0.108.1132 > 192.168.0.113.445: P 1773:1895(122) ack 1430 win 64106
09:02:25.647431 IP 192.168.0.113.445 > 192.168.0.108.1132: P 1430:1534(104) ack 1895 win 10720
09:02:25.647864 IP 192.168.0.108.1132 > 192.168.0.113.445: P 1895:2017(122) ack 1534 win 65535
09:02:25.647971 IP 192.168.0.113.445 > 192.168.0.108.1132: P 1534:1638(104) ack 2017 win 10720
09:02:25.675545 IP 192.168.0.108.1132 > 192.168.0.113.445: P 2017:2139(122) ack 1638 win 65431
09:02:25.686768 IP 192.168.0.113.445 > 192.168.0.108.1132: P 1638:1742(104) ack 2139 win 10720
09:02:25.687212 IP 192.168.0.108.1132 > 192.168.0.113.445: P 2139:2261(122) ack 1742 win 65327
09:02:25.687339 IP 192.168.0.113.445 > 192.168.0.108.1132: P 1742:1846(104) ack 2261 win 10720
09:02:25.689142 IP 192.168.0.108.1132 > 192.168.0.113.445: P 2261:2304(43) ack 1846 win 65223
09:02:25.689498 IP 192.168.0.113.445 > 192.168.0.108.1132: P 1846:1889(43) ack 2304 win 10720
09:02:25.689738 IP 192.168.0.108.1132 > 192.168.0.113.445: P 2304:2343(39) ack 1889 win 65180
09:02:25.689912 IP 192.168.0.113.445 > 192.168.0.108.1132: P 1889:1928(39) ack 2343 win 10720
09:02:25.690375 IP 192.168.0.108.1132 > 192.168.0.113.445: P 2343:2427(84) ack 1928 win 65141
09:02:25.690678 IP 192.168.0.113.445 > 192.168.0.108.1132: P 1928:1980(52) ack 2427 win 10720
09:02:25.691038 IP 192.168.0.108.1132 > 192.168.0.113.445: P 2427:2531(104) ack 1980 win 65089
09:02:25.691352 IP 192.168.0.113.445 > 192.168.0.108.1132: P 1980:2087(107) ack 2531 win 10720
09:02:25.691867 IP 192.168.0.108.1132 > 192.168.0.113.445: P 2531:2671(140) ack 2087 win 64982
09:02:25.693788 IP 192.168.0.113.445 > 192.168.0.108.1132: P 2087:2138(51) ack 2671 win 10720
09:02:25.694174 IP 192.168.0.108.1132 > 192.168.0.113.445: P 2671:2734(63) ack 2138 win 64931
09:02:25.694260 IP 192.168.0.113.445 > 192.168.0.108.1132: P 2138:2269(131) ack 2734 win 10720
09:02:25.694720 IP 192.168.0.108.1132 > 192.168.0.113.445: P 2734:2886(152) ack 2269 win 64800
09:02:25.694917 IP 192.168.0.113.445 > 192.168.0.108.1132: P 2269:2445(176) ack 2886 win 10720
09:02:25.695413 IP 192.168.0.108.1132 > 192.168.0.113.445: P 2886:2931(45) ack 2445 win 64624
09:02:25.695551 IP 192.168.0.113.445 > 192.168.0.108.1132: P 2445:2484(39) ack 2931 win 10720
09:02:25.703841 IP 192.168.0.108.1132 > 192.168.0.113.445: P 2931:3053(122) ack 2484 win 64585
09:02:25.704183 IP 192.168.0.113.445 > 192.168.0.108.1132: P 2484:2588(104) ack 3053 win 10720
09:02:25.704620 IP 192.168.0.108.1132 > 192.168.0.113.445: P 3053:3175(122) ack 2588 win 64481
09:02:25.704727 IP 192.168.0.113.445 > 192.168.0.108.1132: P 2588:2692(104) ack 3175 win 10720
09:02:25.706741 IP 192.168.0.108.1132 > 192.168.0.113.445: P 3175:3297(122) ack 2692 win 64377
09:02:25.706842 IP 192.168.0.113.445 > 192.168.0.108.1132: P 2692:2796(104) ack 3297 win 10720
09:02:25.707295 IP 192.168.0.108.1132 > 192.168.0.113.445: P 3297:3371(74) ack 2796 win 64273
09:02:25.707393 IP 192.168.0.113.445 > 192.168.0.108.1132: P 2796:2898(102) ack 3371 win 10720
09:02:25.707746 IP 192.168.0.108.1132 > 192.168.0.113.445: P 3371:3493(122) ack 2898 win 64171
09:02:25.708370 IP 192.168.0.113.445 > 192.168.0.108.1132: P 2898:3002(104) ack 3493 win 10720
09:02:25.708671 IP 192.168.0.108.1132 > 192.168.0.113.445: P 3493:3615(122) ack 3002 win 65535
09:02:25.708787 IP 192.168.0.113.445 > 192.168.0.108.1132: P 3002:3090(88) ack 3615 win 10720
09:02:25.709057 IP 192.168.0.108.1132 > 192.168.0.113.445: P 3615:3737(122) ack 3090 win 65447
09:02:25.709155 IP 192.168.0.113.445 > 192.168.0.108.1132: P 3090:3162(72) ack 3737 win 10720
09:02:25.709427 IP 192.168.0.108.1132 > 192.168.0.113.445: P 3737:3859(122) ack 3162 win 65375
09:02:25.709534 IP 192.168.0.113.445 > 192.168.0.108.1132: P 3162:3230(68) ack 3859 win 10720
09:02:25.710643 IP 192.168.0.108.1132 > 192.168.0.113.445: P 3859:3991(132) ack 3230 win 65307
09:02:25.710809 IP 192.168.0.113.445 > 192.168.0.108.1132: P 3230:3337(107) ack 3991 win 10720
09:02:25.711145 IP 192.168.0.108.1132 > 192.168.0.113.445: P 3991:4079(88) ack 3337 win 65200
09:02:25.711213 IP 192.168.0.113.445 > 192.168.0.108.1132: P 3337:3412(75) ack 4079 win 10720
09:02:25.711530 IP 192.168.0.108.1132 > 192.168.0.113.445: P 4079:4153(74) ack 3412 win 65125
09:02:25.712490 IP 192.168.0.113.445 > 192.168.0.108.1132: P 3412:3536(124) ack 4153 win 10720
09:02:25.712937 IP 192.168.0.108.1132 > 192.168.0.113.445: P 4153:4198(45) ack 3536 win 65001
09:02:25.713066 IP 192.168.0.113.445 > 192.168.0.108.1132: P 3536:3575(39) ack 4198 win 10720
09:02:25.714078 IP 192.168.0.108.1132 > 192.168.0.113.445: P 4198:4354(156) ack 3575 win 64962
09:02:25.714449 IP 192.168.0.113.445 > 192.168.0.108.1132: P 3575:3614(39) ack 4354 win 10720
09:02:25.715259 IP 192.168.0.108.1132 > 192.168.0.113.445: P 4354:4510(156) ack 3614 win 64923
09:02:25.715438 IP 192.168.0.113.445 > 192.168.0.108.1132: P 3614:3653(39) ack 4510 win 10720
09:02:25.884546 IP 192.168.0.108.1132 > 192.168.0.113.445: . ack 3653 win 64884
09:02:26.010411 IP 192.168.0.108.1132 > 192.168.0.113.445: P 4510:4616(106) ack 3653 win 64884
09:02:26.010724 IP 192.168.0.113.445 > 192.168.0.108.1132: P 3653:3760(107) ack 4616 win 10720
09:02:26.011273 IP 192.168.0.108.1132 > 192.168.0.113.445: P 4616:4756(140) ack 3760 win 64777
09:02:26.011396 IP 192.168.0.113.445 > 192.168.0.108.1132: P 3760:3811(51) ack 4756 win 10720
09:02:26.011772 IP 192.168.0.108.1132 > 192.168.0.113.445: P 4756:4819(63) ack 3811 win 64726
09:02:26.012244 IP 192.168.0.113.445 > 192.168.0.108.1132: P 3811:3942(131) ack 4819 win 10720
09:02:26.012733 IP 192.168.0.108.1132 > 192.168.0.113.445: P 4819:5111(292) ack 3942 win 64595
09:02:26.013356 IP 192.168.0.113.445 > 192.168.0.108.1132: P 3942:4050(108) ack 5111 win 10720
09:02:26.014703 IP 192.168.0.108.1132 > 192.168.0.113.445: . 5111:6571(1460) ack 4050 win 64487
09:02:26.014825 IP 192.168.0.108.1132 > 192.168.0.113.445: . 6571:8031(1460) ack 4050 win 64487
09:02:26.014866 IP 192.168.0.113.445 > 192.168.0.108.1132: . ack 8031 win 10720
09:02:26.014935 IP 192.168.0.108.1132 > 192.168.0.113.445: P 8031:9355(1324) ack 4050 win 64487
09:02:26.016042 IP 192.168.0.113.445 > 192.168.0.108.1132: P 4050:5134(1084) ack 9355 win 10720
09:02:26.016631 IP 192.168.0.108.1132 > 192.168.0.113.445: P 9355:9418(63) ack 5134 win 65535
09:02:26.020201 IP 192.168.0.113.445 > 192.168.0.108.1132: . 5134:6594(1460) ack 9418 win 10720
09:02:26.020225 IP 192.168.0.113.445 > 192.168.0.108.1132: . 6594:8054(1460) ack 9418 win 10720
09:02:26.020703 IP 192.168.0.108.1132 > 192.168.0.113.445: . ack 8054 win 65535
09:02:26.020731 IP 192.168.0.113.445 > 192.168.0.108.1132: P 8054:8309(255) ack 9418 win 10720
09:02:26.021608 IP 192.168.0.108.1132 > 192.168.0.113.445: P 9418:9550(132) ack 8309 win 65280
09:02:26.021794 IP 192.168.0.113.445 > 192.168.0.108.1132: P 8309:8417(108) ack 9550 win 10720
09:02:26.022248 IP 192.168.0.108.1132 > 192.168.0.113.445: P 9550:9595(45) ack 8417 win 65172
09:02:26.022331 IP 192.168.0.113.445 > 192.168.0.108.1132: P 8417:8456(39) ack 9595 win 10720
09:02:26.184997 IP 192.168.0.108.1132 > 192.168.0.113.445: . ack 8456 win 65133
09:02:27.277288 IP 192.168.0.108.1132 > 192.168.0.113.445: P 9595:9634(39) ack 8456 win 65133
09:02:27.277702 IP 192.168.0.113.445 > 192.168.0.108.1132: P 8456:8495(39) ack 9634 win 10720
09:02:27.277948 IP 192.168.0.108.1132 > 192.168.0.113.445: P 9634:9677(43) ack 8495 win 65094
09:02:27.278037 IP 192.168.0.113.445 > 192.168.0.108.1132: P 8495:8538(43) ack 9677 win 10720
09:02:27.278242 IP 192.168.0.108.1132 > 192.168.0.113.445: P 9677:9716(39) ack 8538 win 65051
09:02:27.278360 IP 192.168.0.113.445 > 192.168.0.108.1132: P 8538:8577(39) ack 9716 win 10720
09:02:27.278725 IP 192.168.0.108.1132 > 192.168.0.113.445: F 9716:9716(0) ack 8577 win 65012
09:02:27.280528 IP 192.168.0.113.445 > 192.168.0.108.1132: F 8577:8577(0) ack 9717 win 10720
09:02:27.280755 IP 192.168.0.108.1132 > 192.168.0.113.445: . ack 8578 win 65012
09:02:28.216200 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:28.374170 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:28.959080 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:29.119322 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:29.710169 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:29.870389 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:30.622523 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:31.372600 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:31.515714 IP 192.168.0.113.50632 > 212.25.103.162.4232: S 1594923216:1594923216(0) win 5840 <mss 1460,sackOK,timestamp 437230 0,nop,wscale 7>
09:02:32.123708 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:33.401268 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:34.115798 IP 192.168.0.113.45681 > 88.191.28.178.4232: S 1595015881:1595015881(0) win 5840 <mss 1460,sackOK,timestamp 437880 0,nop,wscale 7>
09:02:34.146637 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:34.897735 IP 192.168.0.108.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
09:02:36.515875 arp who-has 192.168.0.1 tell 192.168.0.113
09:02:36.517512 arp reply 192.168.0.1 is-at 00:0a:79:93:5f:c3
09:02:38.413812 IP 192.168.0.113.40983 > 83.149.73.131.1111: S 1613746747:1613746747(0) win 5840 <mss 1460,sackOK,timestamp 438954 0,nop,wscale 7>
09:02:39.020083 IP 192.168.0.113.631 > 192.168.0.255.631: UDP, length 183
09:02:41.412053 IP 192.168.0.113.40983 > 83.149.73.131.1111: S 1613746747:1613746747(0) win 5840 <mss 1460,sackOK,timestamp 439704 0,nop,wscale 7>
09:02:43.388109 IP 192.168.0.113.52886 > 66.35.250.150.80: S 1576941090:1576941090(0) win 5840 <mss 1460,sackOK,timestamp 440198 0,nop,wscale 7>
09:02:43.516113 IP 192.168.0.113.50632 > 212.25.103.162.4232: S 1594923216:1594923216(0) win 5840 <mss 1460,sackOK,timestamp 440230 0,nop,wscale 7>
09:02:47.412242 IP 192.168.0.113.40983 > 83.149.73.131.1111: S 1613746747:1613746747(0) win 5840 <mss 1460,sackOK,timestamp 441204 0,nop,wscale 7>
09:02:48.114104 IP 192.168.0.113.57181 > 88.191.36.18.2222: S 1617863051:1617863051(0) win 5840 <mss 1460,sackOK,timestamp 441379 0,nop,wscale 7>
09:02:51.112367 IP 192.168.0.113.57181 > 88.191.36.18.2222: S 1617863051:1617863051(0) win 5840 <mss 1460,sackOK,timestamp 442129 0,nop,wscale 7>
09:02:52.815178 NBF Packet: Datagram
09:02:52.846061 NBF Packet: Datagram
 
Old 12-18-2006, 03:48 PM   #5
amitsharma_26
Member
 
Registered: Sep 2005
Location: New delhi
Distribution: RHEL 3.0/4.0
Posts: 777

Rep: Reputation: 31
Sorry for delayed reply.

Yes, i can see the name resolutions being done & packets being generated for google & slashdot, but somehow i saw 20+ packets being generated for many different sites for port different from 80 & 443. You better inspect at this issue, as this could possibily a security breach, some worm or something else.

Apart from that, i am really curious to see icmp packets communication log for any internet site as well as you earlier said they are being done in OKAY manner. Can you please dump the packet logs while you ping few websites; as you said ping is working. While the same time, do repost with the output of "ip rou ls".
 
Old 12-19-2006, 08:29 PM   #6
grenier
Member
 
Registered: Jun 2004
Posts: 46

Original Poster
Rep: Reputation: 16
Thanks for the answer (and the analysis).
Unfortunately (or fortunately ?), last Friday was the last day of the month I had at this specific school. I won't go back there before the end of January. I'll have to wait until then to do the tests.

While I'm at it, and to save some time, is there any other test you think may be of interest to do?

Thanks again.
 
Old 01-08-2007, 07:42 PM   #7
grenier
Member
 
Registered: Jun 2004
Posts: 46

Original Poster
Rep: Reputation: 16
Well, back at school. Another one but the same problem. The f*#$! is being (has been?) deployed over all the town's school networks.

I'm getting to wonder whether the problem doesn't come from a weird server's firewall configuration: after installing firefox (either 2.0.0.1 or 1.5.0.9 with ipv6 disabled) on a windows box that does work, I had the 'nice' surprise to see it couldn't access the internet either. Let me stress that there's no problem through IE.

Anyway, since it's another school, I did everything all over again.


So here is the result of the 'iptable -nvL' command:

Code:
Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    6   460 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           
    0     0 eth2_in    all  --  eth2   *       0.0.0.0/0            0.0.0.0/0           
    0     0 eth1_in    all  --  eth1   *       0.0.0.0/0            0.0.0.0/0           
  392 54065 eth0_in    all  --  eth0   *       0.0.0.0/0            0.0.0.0/0           
    0     0 Reject     all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0           LOG flags 0 level 6 prefix `Shorewall:INPUT:REJECT:' 
    0     0 reject     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 eth2_fwd   all  --  eth2   *       0.0.0.0/0            0.0.0.0/0           
    0     0 eth1_fwd   all  --  eth1   *       0.0.0.0/0            0.0.0.0/0           
    0     0 eth0_fwd   all  --  eth0   *       0.0.0.0/0            0.0.0.0/0           
    0     0 Reject     all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0           LOG flags 0 level 6 prefix `Shorewall:FORWARD:REJECT:' 
    0     0 reject     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain OUTPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    6   460 ACCEPT     all  --  *      lo      0.0.0.0/0            0.0.0.0/0           
    0     0 fw2net     all  --  *      eth2    0.0.0.0/0            0.0.0.0/0           policy match dir out pol none 
    0     0 fw2net     all  --  *      eth1    0.0.0.0/0            0.0.0.0/0           policy match dir out pol none 
  907 72803 fw2net     all  --  *      eth0    0.0.0.0/0            0.0.0.0/0           policy match dir out pol none 
    0     0 Reject     all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0           LOG flags 0 level 6 prefix `Shorewall:OUTPUT:REJECT:' 
    0     0 reject     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain Drop (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 reject     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:113 
   16  1256 dropBcast  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           icmp type 3 code 4 
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           icmp type 11 
   16  1256 dropInvalid  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           multiport dports 135,445 
    0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpts:137:139 
   12  1080 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spt:137 dpts:1024:65535 
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           multiport dports 135,139,445 
    0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:1900 
    0     0 dropNotSyn  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spt:53 

Chain Reject (4 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 reject     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:113 
    0     0 dropBcast  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           icmp type 3 code 4 
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           icmp type 11 
    0     0 dropInvalid  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 reject     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           multiport dports 135,445 
    0     0 reject     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpts:137:139 
    0     0 reject     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spt:137 dpts:1024:65535 
    0     0 reject     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           multiport dports 135,139,445 
    0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:1900 
    0     0 dropNotSyn  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spt:53 

Chain all2all (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
    0     0 Reject     all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0           LOG flags 0 level 6 prefix `Shorewall:all2all:REJECT:' 
    0     0 reject     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain dropBcast (2 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           PKTTYPE = broadcast 
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           PKTTYPE = multicast 

Chain dropInvalid (2 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           state INVALID 

Chain dropNotSyn (2 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:!0x17/0x02 

Chain dynamic (6 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain eth0_fwd (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 dynamic    all  --  *      *       0.0.0.0/0            0.0.0.0/0           state INVALID,NEW 
    0     0 ACCEPT     all  --  *      eth2    0.0.0.0/0            0.0.0.0/0           policy match dir out pol none 
    0     0 ACCEPT     all  --  *      eth1    0.0.0.0/0            0.0.0.0/0           policy match dir out pol none 

Chain eth0_in (1 references)
 pkts bytes target     prot opt in     out     source               destination         
  264 38109 dynamic    all  --  *      *       0.0.0.0/0            0.0.0.0/0           state INVALID,NEW 
  392 54065 net2fw     all  --  *      *       0.0.0.0/0            0.0.0.0/0           policy match dir in pol none 

Chain eth1_fwd (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 dynamic    all  --  *      *       0.0.0.0/0            0.0.0.0/0           state INVALID,NEW 
    0     0 ACCEPT     all  --  *      eth2    0.0.0.0/0            0.0.0.0/0           policy match dir out pol none 
    0     0 ACCEPT     all  --  *      eth0    0.0.0.0/0            0.0.0.0/0           policy match dir out pol none 

Chain eth1_in (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 dynamic    all  --  *      *       0.0.0.0/0            0.0.0.0/0           state INVALID,NEW 
    0     0 net2fw     all  --  *      *       0.0.0.0/0            0.0.0.0/0           policy match dir in pol none 

Chain eth2_fwd (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 dynamic    all  --  *      *       0.0.0.0/0            0.0.0.0/0           state INVALID,NEW 
    0     0 ACCEPT     all  --  *      eth1    0.0.0.0/0            0.0.0.0/0           policy match dir out pol none 
    0     0 ACCEPT     all  --  *      eth0    0.0.0.0/0            0.0.0.0/0           policy match dir out pol none 

Chain eth2_in (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 dynamic    all  --  *      *       0.0.0.0/0            0.0.0.0/0           state INVALID,NEW 
    0     0 net2fw     all  --  *      *       0.0.0.0/0            0.0.0.0/0           policy match dir in pol none 

Chain fw2net (3 references)
 pkts bytes target     prot opt in     out     source               destination         
   88  7933 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
  819 64870 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain logdrop (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0           LOG flags 0 level 6 prefix `Shorewall:logdrop:DROP:' 
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain logreject (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0           LOG flags 0 level 6 prefix `Shorewall:logreject:REJECT:' 
    0     0 reject     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain net2all (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
   16  1256 Drop       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    4   176 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0           LOG flags 0 level 6 prefix `Shorewall:net2all:DROP:' 
    4   176 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain net2fw (3 references)
 pkts bytes target     prot opt in     out     source               destination         
  128 15956 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
  247 36805 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           multiport dports 137,138,139,445,1024:1100,631 
    1    48 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           multiport dports 137,138,139,445,1024:1100,631,6881:6999 
   16  1256 net2all    all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain reject (11 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       all  --  *      *       255.255.255.255      0.0.0.0/0           
    0     0 DROP       all  --  *      *       224.0.0.0/4          0.0.0.0/0           
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           PKTTYPE = broadcast 
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           PKTTYPE = multicast 
    0     0 DROP       all  --  *      *       255.255.255.255      0.0.0.0/0           
    0     0 DROP       all  --  *      *       224.0.0.0/4          0.0.0.0/0           
    0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with tcp-reset 
    0     0 REJECT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-port-unreachable 
    0     0 REJECT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-unreachable 
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited 

Chain shorewall (0 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain smurfs (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 LOG        all  --  *      *       192.168.0.255        0.0.0.0/0           LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:' 
    0     0 DROP       all  --  *      *       192.168.0.255        0.0.0.0/0           
    0     0 LOG        all  --  *      *       255.255.255.255      0.0.0.0/0           LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:' 
    0     0 DROP       all  --  *      *       255.255.255.255      0.0.0.0/0           
    0     0 LOG        all  --  *      *       224.0.0.0/4          0.0.0.0/0           LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:' 
    0     0 DROP       all  --  *      *       224.0.0.0/4          0.0.0.0/0
Last edited by grenier; 01-08-2007 at 07:56 PM.
 
Old 01-08-2007, 07:55 PM   #8
grenier
Member
 
Registered: Jun 2004
Posts: 46

Original Poster
Rep: Reputation: 16
Here is 'tcpdump -nn', where I tried browsing google, gmail, yahoo and slashdot.

The terminal output :
Code:
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
61 packets captured
122 packets received by filter
0 packets dropped by kernel
and the result itself:

Code:
10:09:06.033388 IP 192.168.0.105.32773 > 192.168.0.1.53:  49925+ A? www.google.com. (32)
10:09:06.033712 IP 192.168.0.1.53 > 192.168.0.105.32773:  49925 3/7/7 CNAME www.l.google.com.,[|domain]
10:09:06.033736 IP 192.168.0.105.44479 > 66.249.89.104.80: S 955303653:955303653(0) win 5840 <mss 1460,sackOK,timestamp 523683 0,nop,wscale 7>
10:09:09.029369 IP 192.168.0.105.44479 > 66.249.89.104.80: S 955303653:955303653(0) win 5840 <mss 1460,sackOK,timestamp 524433 0,nop,wscale 7>
10:09:11.024952 arp who-has 192.168.0.105 tell 192.168.0.1
10:09:11.024979 arp reply 192.168.0.105 is-at 00:0f:b0:0f:6b:bf
10:09:13.473508 IP 192.168.0.105.60508 > 64.34.178.57.7190: S 940968012:940968012(0) win 5840 <mss 1460,sackOK,timestamp 525544 0,nop,wscale 7>
10:09:14.561553 IP 192.168.0.105.40432 > 66.172.60.133.4661: S 948632301:948632301(0) win 5840 <mss 1460,sackOK,timestamp 525816 0,nop,wscale 7>
10:09:17.469709 IP 192.168.0.104.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
10:09:17.475947 arp who-has 192.168.0.52 tell 192.168.0.104
10:09:17.480526 arp who-has 192.168.0.1 tell 192.168.0.104
10:09:17.521320 IP 192.168.0.104.137 > 192.168.0.255.137: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
10:09:18.063488 IP 192.168.0.105.45725 > 62.241.53.4.4242: S 962742521:962742521(0) win 5840 <mss 1460,sackOK,timestamp 526691 0,nop,wscale 7>
10:09:19.062604 IP 192.168.0.105.58067 > 72.51.37.107.9123: S 988075231:988075231(0) win 5840 <mss 1460,sackOK,timestamp 526941 0,nop,wscale 7>
10:09:20.895414 IP 192.168.0.105.32773 > 192.168.0.1.53:  13014+ A? www.gmail.com. (31)
10:09:20.898958 IP 192.168.0.1.53 > 192.168.0.105.32773:  13014 5/7/7 CNAME[|domain]
10:09:20.906234 IP 192.168.0.105.45644 > 209.85.139.18.80: S 982540781:982540781(0) win 5840 <mss 1460,sackOK,timestamp 527402 0,nop,wscale 7>
10:09:21.061811 IP 192.168.0.105.45725 > 62.241.53.4.4242: S 962742521:962742521(0) win 5840 <mss 1460,sackOK,timestamp 527441 0,nop,wscale 7>
10:09:22.061852 IP 192.168.0.105.58067 > 72.51.37.107.9123: S 988075231:988075231(0) win 5840 <mss 1460,sackOK,timestamp 527691 0,nop,wscale 7>
10:09:23.061868 arp who-has 192.168.0.1 tell 192.168.0.105
10:09:23.063502 arp reply 192.168.0.1 is-at 00:0a:79:93:4c:1f
10:09:23.634244 IP 192.168.0.105.631 > 192.168.0.255.631: UDP, length 183
10:09:23.905925 IP 192.168.0.105.45644 > 209.85.139.18.80: S 982540781:982540781(0) win 5840 <mss 1460,sackOK,timestamp 528152 0,nop,wscale 7>
10:09:27.062056 IP 192.168.0.105.45725 > 62.241.53.4.4242: S 962742521:962742521(0) win 5840 <mss 1460,sackOK,timestamp 528941 0,nop,wscale 7>
10:09:27.305280 arp who-has 192.168.0.104 tell 192.168.0.100
10:09:28.062092 IP 192.168.0.105.58067 > 72.51.37.107.9123: S 988075231:988075231(0) win 5840 <mss 1460,sackOK,timestamp 529191 0,nop,wscale 7>
10:09:29.906170 IP 192.168.0.105.45644 > 209.85.139.18.80: S 982540781:982540781(0) win 5840 <mss 1460,sackOK,timestamp 529652 0,nop,wscale 7>
10:09:33.521381 IP 192.168.0.106.138 > 192.168.0.255.138: NBT UDP PACKET(138)
10:09:37.035160 IP 192.168.0.105.32773 > 192.168.0.1.53:  7223+ A? www.yahoo.com. (31)
10:09:37.038558 IP 192.168.0.1.53 > 192.168.0.105.32773:  7223 2/8/8 CNAME[|domain]
10:09:37.039912 IP 192.168.0.105.34614 > 209.131.36.158.80: S 994232550:994232550(0) win 5840 <mss 1460,sackOK,timestamp 531435 0,nop,wscale 7>
10:09:39.062532 IP 192.168.0.105.45725 > 62.241.53.4.4242: S 962742521:962742521(0) win 5840 <mss 1460,sackOK,timestamp 531941 0,nop,wscale 7>
10:09:40.038569 IP 192.168.0.105.34614 > 209.131.36.158.80: S 994232550:994232550(0) win 5840 <mss 1460,sackOK,timestamp 532185 0,nop,wscale 7>
10:09:40.062570 IP 192.168.0.105.58067 > 72.51.37.107.9123: S 988075231:988075231(0) win 5840 <mss 1460,sackOK,timestamp 532191 0,nop,wscale 7>
10:09:43.764653 IP 192.168.0.105.54763 > 72.51.38.139.8699: S 1015594724:1015594724(0) win 5840 <mss 1460,sackOK,timestamp 533116 0,nop,wscale 7>
10:09:44.763678 IP 192.168.0.105.40606 > 72.51.38.141.9990: S 1013285997:1013285997(0) win 5840 <mss 1460,sackOK,timestamp 533366 0,nop,wscale 7>
10:09:45.576922 arp who-has 192.168.0.16 tell 192.168.0.100
10:09:45.617190 arp who-has 192.168.0.105 tell 192.168.0.100
10:09:45.617228 arp reply 192.168.0.105 is-at 00:0f:b0:0f:6b:bf
10:09:45.618001 IP 192.168.0.100.1723 > 192.168.0.105.139: P 3139137315:3139137319(4) ack 786785374 win 16487: pptp [|pptp]
10:09:45.654807 IP 192.168.0.105.139 > 192.168.0.100.1723: . ack 4 win 10720
10:09:46.038806 IP 192.168.0.105.34614 > 209.131.36.158.80: S 994232550:994232550(0) win 5840 <mss 1460,sackOK,timestamp 533685 0,nop,wscale 7>
10:09:46.762841 IP 192.168.0.105.54763 > 72.51.38.139.8699: S 1015594724:1015594724(0) win 5840 <mss 1460,sackOK,timestamp 533866 0,nop,wscale 7>
10:09:47.762893 IP 192.168.0.105.40606 > 72.51.38.141.9990: S 1013285997:1013285997(0) win 5840 <mss 1460,sackOK,timestamp 534116 0,nop,wscale 7>
10:09:50.654958 arp who-has 192.168.0.100 tell 192.168.0.105
10:09:50.655246 arp reply 192.168.0.100 is-at 00:00:4c:6e:6f:fb
10:09:52.675039 arp who-has 192.168.0.1 tell 192.168.0.105
10:09:52.676675 arp reply 192.168.0.1 is-at 00:0a:79:93:4c:1f
10:09:52.763074 IP 192.168.0.105.54763 > 72.51.38.139.8699: S 1015594724:1015594724(0) win 5840 <mss 1460,sackOK,timestamp 535366 0,nop,wscale 7>
10:09:53.120004 IP 192.168.0.105.56613 > 66.35.250.151.80: S 1024552314:1024552314(0) win 5840 <mss 1460,sackOK,timestamp 535455 0,nop,wscale 7>
10:09:53.763113 IP 192.168.0.105.40606 > 72.51.38.141.9990: S 1013285997:1013285997(0) win 5840 <mss 1460,sackOK,timestamp 535616 0,nop,wscale 7>
10:09:53.843191 IP 192.168.0.105.123 > 204.9.55.254.123: NTPv4, Client, length 48
10:09:53.870528 IP 204.9.55.254.123 > 192.168.0.105.123: NTPv4, Server, length 48
10:09:54.639257 IP 192.168.0.105.631 > 192.168.0.255.631: UDP, length 183
10:09:56.119208 IP 192.168.0.105.56613 > 66.35.250.151.80: S 1024552314:1024552314(0) win 5840 <mss 1460,sackOK,timestamp 536205 0,nop,wscale 7>
10:10:02.119449 IP 192.168.0.105.56613 > 66.35.250.151.80: S 1024552314:1024552314(0) win 5840 <mss 1460,sackOK,timestamp 537705 0,nop,wscale 7>
10:10:04.763554 IP 192.168.0.105.54763 > 72.51.38.139.8699: S 1015594724:1015594724(0) win 5840 <mss 1460,sackOK,timestamp 538366 0,nop,wscale 7>
10:10:05.763593 IP 192.168.0.105.40606 > 72.51.38.141.9990: S 1013285997:1013285997(0) win 5840 <mss 1460,sackOK,timestamp 538616 0,nop,wscale 7>
10:10:08.962183 IP 192.168.0.105.44208 > 72.51.37.237.8899: S 1037576693:1037576693(0) win 5840 <mss 1460,sackOK,timestamp 539415 0,nop,wscale 7>
10:10:10.084089 IP 192.168.0.105.56037 > 72.51.38.142.7822: S 1025483855:1025483855(0) win 5840 <mss 1460,sackOK,timestamp 539696 0,nop,wscale 7>
10:10:11.959848 IP 192.168.0.105.44208 > 72.51.37.237.8899: S 1037576693:1037576693(0) win 5840 <mss 1460,sackOK,timestamp 540165 0,nop,wscale 7>


For the 'ip rou ls' command, I get this:

Code:
192.168.0.0/24 dev eth0  proto kernel  scope link  src 192.168.0.105  metric 10 
169.254.0.0/16 dev eth0  scope link  metric 10 
127.0.0.0/8 dev lo  scope link 
default via 192.168.0.1 dev eth0  metric 10
As for the ping and subsequent tcpdump:

First, the pings and results:

Code:
ping www.google.com
PING www.l.google.com (66.249.89.104) 56(84) bytes of data.
64 bytes from 66.249.89.104: icmp_seq=1 ttl=239 time=27.4 ms
64 bytes from 66.249.89.104: icmp_seq=2 ttl=239 time=26.6 ms
64 bytes from 66.249.89.104: icmp_seq=3 ttl=239 time=27.9 ms
64 bytes from 66.249.89.104: icmp_seq=4 ttl=239 time=26.0 ms
64 bytes from 66.249.89.104: icmp_seq=5 ttl=239 time=26.3 ms
64 bytes from 66.249.89.104: icmp_seq=6 ttl=239 time=26.4 ms

--- www.l.google.com ping statistics ---
6 packets transmitted, 6 received, 0% packet loss, time 5002ms
rtt min/avg/max/mdev = 26.030/26.819/27.987/0.684 ms
Code:
ping www.gmail.com
PING googlemail.l.google.com (209.85.139.18) 56(84) bytes of data.
64 bytes from pr-in-f18.google.com (209.85.139.18): icmp_seq=1 ttl=235 time=187                                ms
64 bytes from pr-in-f18.google.com (209.85.139.18): icmp_seq=2 ttl=235 time=187                                ms
64 bytes from pr-in-f18.google.com (209.85.139.18): icmp_seq=3 ttl=235 time=188                                ms
64 bytes from pr-in-f18.google.com (209.85.139.18): icmp_seq=4 ttl=235 time=188                                ms
64 bytes from pr-in-f18.google.com (209.85.139.18): icmp_seq=5 ttl=235 time=187                                ms
64 bytes from pr-in-f18.google.com (209.85.139.18): icmp_seq=6 ttl=235 time=187                                ms
64 bytes from pr-in-f18.google.com (209.85.139.18): icmp_seq=7 ttl=235 time=188                                ms

--- googlemail.l.google.com ping statistics ---
7 packets transmitted, 7 received, 0% packet loss, time 6005ms
rtt min/avg/max/mdev = 187.022/187.915/188.711/0.563 ms
Code:
ping www.yahoo.com
PING www.yahoo-ht2.akadns.net (209.131.36.158) 56(84) bytes of data.
64 bytes from f1.www.vip.sp1.yahoo.com (209.131.36.158): icmp_seq=1 ttl=46 time=                               136 ms
64 bytes from f1.www.vip.sp1.yahoo.com (209.131.36.158): icmp_seq=2 ttl=46 time=                               136 ms
64 bytes from f1.www.vip.sp1.yahoo.com (209.131.36.158): icmp_seq=3 ttl=46 time=                               137 ms
64 bytes from f1.www.vip.sp1.yahoo.com (209.131.36.158): icmp_seq=4 ttl=46 time=                               137 ms
64 bytes from f1.www.vip.sp1.yahoo.com (209.131.36.158): icmp_seq=5 ttl=46 time=                               136 ms
64 bytes from f1.www.vip.sp1.yahoo.com (209.131.36.158): icmp_seq=6 ttl=47 time=                               134 ms
64 bytes from f1.www.vip.sp1.yahoo.com (209.131.36.158): icmp_seq=7 ttl=46 time=                               138 ms
64 bytes from f1.www.vip.sp1.yahoo.com (209.131.36.158): icmp_seq=8 ttl=46 time=                               135 ms
64 bytes from f1.www.vip.sp1.yahoo.com (209.131.36.158): icmp_seq=9 ttl=46 time=                               135 ms

--- www.yahoo-ht2.akadns.net ping statistics ---
9 packets transmitted, 9 received, 0% packet loss, time 7999ms
rtt min/avg/max/mdev = 134.797/136.585/138.525/1.071 ms
And here is the relevant 'tcpdump -nn'

Code:
10:12:24.553176 IP 192.168.0.105 > 66.249.89.104: ICMP echo request, id 6940, seq 2, length 64
10:12:24.579771 IP 66.249.89.104 > 192.168.0.105: ICMP echo reply, id 6940, seq 2, length 64
10:12:24.580073 IP 192.168.0.105.32773 > 192.168.0.1.53:  30797+ PTR? 104.89.249.66.in-addr.arpa. (44)
10:12:24.583554 IP 192.168.0.1.53 > 192.168.0.105.32773:  30797 NXDomain 0/1/0 (104)
10:12:25.553281 IP 192.168.0.105 > 66.249.89.104: ICMP echo request, id 6940, seq 3, length 64
10:12:25.581201 IP 66.249.89.104 > 192.168.0.105: ICMP echo reply, id 6940, seq 3, length 64
10:12:25.581503 IP 192.168.0.105.32773 > 192.168.0.1.53:  39408+ PTR? 104.89.249.66.in-addr.arpa. (44)
10:12:25.584855 IP 192.168.0.1.53 > 192.168.0.105.32773:  39408 NXDomain 0/1/0 (104)
10:12:25.761170 IP 192.168.0.105.59005 > 193.138.221.213.4242: S 1157713925:1157713925(0) win 5840 <mss 1460,sackOK,timestamp 573614 0,nop,wscale 7>
10:12:26.553299 IP 192.168.0.105 > 66.249.89.104: ICMP echo request, id 6940, seq 4, length 64
10:12:26.579262 IP 66.249.89.104 > 192.168.0.105: ICMP echo reply, id 6940, seq 4, length 64
10:12:26.579562 IP 192.168.0.105.32773 > 192.168.0.1.53:  49193+ PTR? 104.89.249.66.in-addr.arpa. (44)
10:12:26.583011 IP 192.168.0.1.53 > 192.168.0.105.32773:  49193 NXDomain 0/1/0 (104)
10:12:26.761213 IP 192.168.0.105.44596 > 66.172.60.151.4661: S 1155817203:1155817203(0) win 5840 <mss 1460,sackOK,timestamp 573864 0,nop,wscale 7>
10:12:27.390775 arp who-has 192.168.0.106 tell 192.168.0.100
10:12:27.553281 IP 192.168.0.105 > 66.249.89.104: ICMP echo request, id 6940, seq 5, length 64
10:12:27.579559 IP 66.249.89.104 > 192.168.0.105: ICMP echo reply, id 6940, seq 5, length 64
10:12:27.579866 IP 192.168.0.105.32773 > 192.168.0.1.53:  60877+ PTR? 104.89.249.66.in-addr.arpa. (44)
10:12:27.583528 IP 192.168.0.1.53 > 192.168.0.105.32773:  60877 NXDomain 0/1/0 (104)
10:12:28.553316 IP 192.168.0.105 > 66.249.89.104: ICMP echo request, id 6940, seq 6, length 64
10:12:28.579703 IP 66.249.89.104 > 192.168.0.105: ICMP echo reply, id 6940, seq 6, length 64
10:12:28.580008 IP 192.168.0.105.32773 > 192.168.0.1.53:  4513+ PTR? 104.89.249.66.in-addr.arpa. (44)
10:12:28.583434 IP 192.168.0.1.53 > 192.168.0.105.32773:  4513 NXDomain 0/1/0 (104)
10:12:29.629640 IP 192.168.0.105.631 > 192.168.0.255.631: UDP, length 183
10:12:37.761641 IP 192.168.0.105.59005 > 193.138.221.213.4242: S 1157713925:1157713925(0) win 5840 <mss 1460,sackOK,timestamp 576614 0,nop,wscale 7>
10:12:38.761679 IP 192.168.0.105.44596 > 66.172.60.151.4661: S 1155817203:1155817203(0) win 5840 <mss 1460,sackOK,timestamp 576864 0,nop,wscale 7>
10:12:40.249037 IP 192.168.0.105.32773 > 192.168.0.1.53:  14045+ A? www.gmail.com. (31)
10:12:40.252522 IP 192.168.0.1.53 > 192.168.0.105.32773:  14045 5/7/7 CNAME[|domain]
10:12:40.253013 IP 192.168.0.105 > 209.85.139.18: ICMP echo request, id 8988, seq 1, length 64
10:12:40.440818 IP 209.85.139.18 > 192.168.0.105: ICMP echo reply, id 8988, seq 1, length 64
10:12:40.441181 IP 192.168.0.105.32773 > 192.168.0.1.53:  64316+ PTR? 18.139.85.209.in-addr.arpa. (44)
10:12:40.444616 IP 192.168.0.1.53 > 192.168.0.105.32773:  64316 1/4/4 (214)
10:12:41.253890 IP 192.168.0.105 > 209.85.139.18: ICMP echo request, id 8988, seq 2, length 64
10:12:41.441791 IP 209.85.139.18 > 192.168.0.105: ICMP echo reply, id 8988, seq 2, length 64
10:12:41.442105 IP 192.168.0.105.32773 > 192.168.0.1.53:  44627+ PTR? 18.139.85.209.in-addr.arpa. (44)
10:12:41.445545 IP 192.168.0.1.53 > 192.168.0.105.32773:  44627 1/4/4 (214)
10:12:41.862822 IP 192.168.0.105.58506 > 194.213.0.30.3306: S 1191987708:1191987708(0) win 5840 <mss 1460,sackOK,timestamp 577639 0,nop,wscale 7>
10:12:42.253861 IP 192.168.0.105 > 209.85.139.18: ICMP echo request, id 8988, seq 3, length 64
10:12:42.442505 IP 209.85.139.18 > 192.168.0.105: ICMP echo reply, id 8988, seq 3, length 64
10:12:42.442814 IP 192.168.0.105.32773 > 192.168.0.1.53:  26118+ PTR? 18.139.85.209.in-addr.arpa. (44)
10:12:42.446249 IP 192.168.0.1.53 > 192.168.0.105.32773:  26118 1/4/4 (214)
10:12:42.862707 IP 192.168.0.105.45031 > 66.172.60.130.4661: S 1191649307:1191649307(0) win 5840 <mss 1460,sackOK,timestamp 577889 0,nop,wscale 7>
10:12:43.253959 IP 192.168.0.105 > 209.85.139.18: ICMP echo request, id 8988, seq 4, length 64
10:12:43.441902 IP 209.85.139.18 > 192.168.0.105: ICMP echo reply, id 8988, seq 4, length 64
10:12:43.442212 IP 192.168.0.105.32773 > 192.168.0.1.53:  12670+ PTR? 18.139.85.209.in-addr.arpa. (44)
10:12:43.445663 IP 192.168.0.1.53 > 192.168.0.105.32773:  12670 1/4/4 (214)
10:12:44.253940 IP 192.168.0.105 > 209.85.139.18: ICMP echo request, id 8988, seq 5, length 64
10:12:44.440897 IP 209.85.139.18 > 192.168.0.105: ICMP echo reply, id 8988, seq 5, length 64
10:12:44.441205 IP 192.168.0.105.32773 > 192.168.0.1.53:  58781+ PTR? 18.139.85.209.in-addr.arpa. (44)
10:12:44.444747 IP 192.168.0.1.53 > 192.168.0.105.32773:  58781 1/4/4 (214)
10:12:44.861920 IP 192.168.0.105.58506 > 194.213.0.30.3306: S 1191987708:1191987708(0) win 5840 <mss 1460,sackOK,timestamp 578389 0,nop,wscale 7>
10:12:45.253988 IP 192.168.0.105 > 209.85.139.18: ICMP echo request, id 8988, seq 6, length 64
10:12:45.441723 IP 209.85.139.18 > 192.168.0.105: ICMP echo reply, id 8988, seq 6, length 64
10:12:45.442053 IP 192.168.0.105.32773 > 192.168.0.1.53:  40140+ PTR? 18.139.85.209.in-addr.arpa. (44)
10:12:45.445451 IP 192.168.0.1.53 > 192.168.0.105.32773:  40140 1/4/4 (214)
10:12:45.634740 IP 192.168.0.105.139 > 192.168.0.100.1723: P 786785374:786785378(4) ack 3139137319 win 10720: pptp [|pptp]
10:12:45.792796 arp who-has 192.168.0.105 tell 192.168.0.100
10:12:45.792824 arp reply 192.168.0.105 is-at 00:0f:b0:0f:6b:bf
10:12:45.793065 IP 192.168.0.100.1723 > 192.168.0.105.139: . ack 4 win 16483
10:12:45.861963 IP 192.168.0.105.45031 > 66.172.60.130.4661: S 1191649307:1191649307(0) win 5840 <mss 1460,sackOK,timestamp 578639 0,nop,wscale 7>
10:12:46.258860 IP 192.168.0.105 > 209.85.139.18: ICMP echo request, id 8988, seq 7, length 64
10:12:46.446836 IP 209.85.139.18 > 192.168.0.105: ICMP echo reply, id 8988, seq 7, length 64
10:12:46.447141 IP 192.168.0.105.32773 > 192.168.0.1.53:  20553+ PTR? 18.139.85.209.in-addr.arpa. (44)
10:12:46.450571 IP 192.168.0.1.53 > 192.168.0.105.32773:  20553 1/4/4 (214)
10:12:50.434098 arp who-has 192.168.0.1 tell 192.168.0.103
10:12:50.864632 IP 192.168.0.105.58506 > 194.213.0.30.3306: S 1191987708:1191987708(0) win 5840 <mss 1460,sackOK,timestamp 579889 0,nop,wscale 7>
10:12:51.862197 IP 192.168.0.105.45031 > 66.172.60.130.4661: S 1191649307:1191649307(0) win 5840 <mss 1460,sackOK,timestamp 580139 0,nop,wscale 7>
10:12:57.130784 IP 192.168.0.105.32773 > 192.168.0.1.53:  2320+ A? www.yahoo.com. (31)
10:12:57.134506 IP 192.168.0.1.53 > 192.168.0.105.32773:  2320 2/8/8 CNAME[|domain]
10:12:57.135424 IP 192.168.0.105 > 209.131.36.158: ICMP echo request, id 10012, seq 1, length 64
10:12:57.271939 IP 209.131.36.158 > 192.168.0.105: ICMP echo reply, id 10012, seq 1, length 64
10:12:57.272301 IP 192.168.0.105.32773 > 192.168.0.1.53:  61566+ PTR? 158.36.131.209.in-addr.arpa. (45)
10:12:57.275772 IP 192.168.0.1.53 > 192.168.0.105.32773:  61566 1/5/5 (253)
10:12:58.134556 IP 192.168.0.105 > 209.131.36.158: ICMP echo request, id 10012, seq 2, length 64
10:12:58.271055 IP 209.131.36.158 > 192.168.0.105: ICMP echo reply, id 10012, seq 2, length 64
10:12:58.271364 IP 192.168.0.105.32773 > 192.168.0.1.53:  12004+ PTR? 158.36.131.209.in-addr.arpa. (45)
10:12:58.274793 IP 192.168.0.1.53 > 192.168.0.105.32773:  12004 1/5/5 (253)
10:12:59.134539 IP 192.168.0.105 > 209.131.36.158: ICMP echo request, id 10012, seq 3, length 64
10:12:59.271832 IP 209.131.36.158 > 192.168.0.105: ICMP echo reply, id 10012, seq 3, length 64
10:12:59.272140 IP 192.168.0.105.32773 > 192.168.0.1.53:  26787+ PTR? 158.36.131.209.in-addr.arpa. (45)
10:12:59.275595 IP 192.168.0.1.53 > 192.168.0.105.32773:  26787 1/5/5 (253)
10:13:00.134562 IP 192.168.0.105 > 209.131.36.158: ICMP echo request, id 10012, seq 4, length 64
10:13:00.271875 IP 209.131.36.158 > 192.168.0.105: ICMP echo reply, id 10012, seq 4, length 64
10:13:00.272184 IP 192.168.0.105.32773 > 192.168.0.1.53:  42602+ PTR? 158.36.131.209.in-addr.arpa. (45)
10:13:00.275618 IP 192.168.0.1.53 > 192.168.0.105.32773:  42602 1/5/5 (253)
10:13:00.634722 IP 192.168.0.105.631 > 192.168.0.255.631: UDP, length 183
10:13:01.134615 IP 192.168.0.105 > 209.131.36.158: ICMP echo request, id 10012, seq 5, length 64
10:13:01.270838 IP 209.131.36.158 > 192.168.0.105: ICMP echo reply, id 10012, seq 5, length 64
10:13:01.272034 IP 192.168.0.105.32773 > 192.168.0.1.53:  57692+ PTR? 158.36.131.209.in-addr.arpa. (45)
10:13:01.275507 IP 192.168.0.1.53 > 192.168.0.105.32773:  57692 1/5/5 (253)
10:13:02.131115 arp who-has 192.168.0.105 tell 192.168.0.1
10:13:02.131144 arp reply 192.168.0.105 is-at 00:0f:b0:0f:6b:bf
10:13:02.134673 IP 192.168.0.105 > 209.131.36.158: ICMP echo request, id 10012, seq 6, length 64
10:13:02.269406 IP 209.131.36.158 > 192.168.0.105: ICMP echo reply, id 10012, seq 6, length 64
10:13:02.269713 IP 192.168.0.105.32773 > 192.168.0.1.53:  7347+ PTR? 158.36.131.209.in-addr.arpa. (45)
10:13:02.273231 IP 192.168.0.1.53 > 192.168.0.105.32773:  7347 1/5/5 (253)
10:13:02.862630 IP 192.168.0.105.58506 > 194.213.0.30.3306: S 1191987708:1191987708(0) win 5840 <mss 1460,sackOK,timestamp 582889 0,nop,wscale 7>
10:13:03.134683 IP 192.168.0.105 > 209.131.36.158: ICMP echo request, id 10012, seq 7, length 64
10:13:03.273143 IP 209.131.36.158 > 192.168.0.105: ICMP echo reply, id 10012, seq 7, length 64
10:13:03.273454 IP 192.168.0.105.32773 > 192.168.0.1.53:  8190+ PTR? 158.36.131.209.in-addr.arpa. (45)
10:13:03.276875 IP 192.168.0.1.53 > 192.168.0.105.32773:  8190 1/5/5 (253)
10:13:03.862668 IP 192.168.0.105.45031 > 66.172.60.130.4661: S 1191649307:1191649307(0) win 5840 <mss 1460,sackOK,timestamp 583139 0,nop,wscale 7>
10:13:04.134723 IP 192.168.0.105 > 209.131.36.158: ICMP echo request, id 10012, seq 8, length 64
10:13:04.270556 IP 209.131.36.158 > 192.168.0.105: ICMP echo reply, id 10012, seq 8, length 64
10:13:04.270879 IP 192.168.0.105.32773 > 192.168.0.1.53:  21734+ PTR? 158.36.131.209.in-addr.arpa. (45)
10:13:04.274474 IP 192.168.0.1.53 > 192.168.0.105.32773:  21734 1/5/5 (253)
10:13:05.134792 IP 192.168.0.105 > 209.131.36.158: ICMP echo request, id 10012, seq 9, length 64
10:13:05.270612 IP 209.131.36.158 > 192.168.0.105: ICMP echo reply, id 10012, seq 9, length 64
10:13:05.270890 IP 192.168.0.105.32773 > 192.168.0.1.53:  22207+ PTR? 158.36.131.209.in-addr.arpa. (45)
10:13:05.274457 IP 192.168.0.1.53 > 192.168.0.105.32773:  22207 1/5/5 (253)

Well, that's pretty much it. I'm going to try to know whether the new network has some kind of special configuration, but appart from that, I7m completely in the dark.

Thanks
 
Old 01-09-2007, 05:48 PM   #9
grenier
Member
 
Registered: Jun 2004
Posts: 46

Original Poster
Rep: Reputation: 16
Ok, I'm an idiot.

The riddle is easy, really: the new network is configured to access the internet through a proxy, which of course I hadn't set up.
Now that I did, I can access.

But...

It works only once. Basically, it can access and download the very first link it has (as defined in the homepage location in the preferences) and then stalls. That mean that if that first link is a page with images, I'll not see these - for instance google gives me the text but not the 'Google' picture and forget about making any search.
I tried it with both ipv6 enabled or disabled with no change in behavior. The windows boxes don't have this problem, and to add insult to injury, using IE with Crossover on my computer gets me a fairly normal behavior and browsing speed.

Since firefox works whithout a hitch on a windows box once the proxy is properly set up, I really don't know what to do.
Last edited by grenier; 01-09-2007 at 06:24 PM.
 
Old 01-09-2007, 06:44 PM   #10
grenier
Member
 
Registered: Jun 2004
Posts: 46

Original Poster
Rep: Reputation: 16
Smile
Ok, next cleared-up thing: it's Firefox that has a problem.

Just for the heck of it, I tried browsing with Galeon (2.0.1), and it works.
So that means problem mostly solved.

That said, I'd really like to understand why firefox doesn't work. Does anybody have an idea?
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
howto access 2 diferent networks lofa Linux - Networking 1 11-30-2006 08:00 AM
share internet between 2 other networks -Srict- Linux - Networking 11 10-06-2005 05:20 PM
access networks through linux jahoover Linux - Networking 1 09-16-2004 03:00 PM
Merging two networks to share internet connection Maranza Linux - Networking 17 02-02-2004 08:32 PM
Bay Networks Remote Access Concentrator mutantjazz Linux - Hardware 0 01-12-2003 03:15 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 04:53 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration