LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 04-09-2007, 10:44 AM   #1
nsfx
LQ Newbie
 
Registered: Apr 2006
Location: New Jersey, U.S.
Distribution: Frugalware
Posts: 17

Rep: Reputation: 0
Ping always fails but TCP/IP & everything else works


Ping and traceroute (and other ICMP utilities I presume) always fail on my machine even to hosts that I know respond to pings from other machines on the same subnet. Iptables looks okay. Below I've copied output from ifconfig and route, and I've copied my iptables and firewall files.

Code:
eth2      Link encap:Ethernet  HWaddr 00:13:02:9F:4B:3E  
          inet addr:128.235.73.162  Bcast:128.235.79.255  Mask:255.255.248.0
          inet6 addr: 2002:80eb:4acc:5:213:2ff:fe9f:4b3e/64 Scope:Global
          inet6 addr: fec0::5:213:2ff:fe9f:4b3e/64 Scope:Site
          inet6 addr: fe80::213:2ff:fe9f:4b3e/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:20618 errors:6 dropped:871 overruns:0 frame:0
          TX packets:985 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:3580546 (3.4 Mb)  TX bytes:144264 (140.8 Kb)
          Interrupt:17 Base address:0xa000 Memory:dcfff000-dcffffff 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:107 errors:0 dropped:0 overruns:0 frame:0
          TX packets:107 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:8340 (8.1 Kb)  TX bytes:8340 (8.1 Kb)


Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
128.235.72.0    *               255.255.248.0   U     0      0        0 eth2
loopback        *               255.0.0.0       U     0      0        0 lo
default         vlan800-wl-gw.n 0.0.0.0         UG    0      0        0 eth2


# /etc/sysconfig/iptables
# Comment out if you want to disable IPv4 packet forwarding.
forward=1


# /etc/sysconfig/firewall
#
# configuration file for iptables
#
# Generated by iptables-save v1.2.11 on Thu Aug 19 01:47:13 2004
*filter
:INPUT DROP [1956:130146]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [972602:1376127870]
# don't drop certain icmp types
-A INPUT -p icmp --icmp-type 0 -j ACCEPT
-A INPUT -p icmp --icmp-type 3 -j ACCEPT
-A INPUT -p icmp --icmp-type 11 -j ACCEPT
# uncomment this to reply to ping
#-A INPUT -p icmp --icmp-type 8 -m limit --limit 1/second -j ACCEPT
# ftp
#-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
# ssh
#-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
# smtp
#-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
# dns
#-A INPUT -p udp -m udp --dport 53 -j ACCEPT
#-A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
# http
#-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
# pop3
#-A INPUT -p tcp -m tcp --dport 110 -j ACCEPT
# identd
#-A INPUT -p tcp -m tcp --dport 113 -j ACCEPT
# samba
#-A INPUT -p udp -m multiport --dport 137,138 -j ACCEPT
#-A INPUT -p tcp -m tcp --dport 139 -j ACCEPT
# imap
#-A INPUT -p tcp -m tcp --dport 143 -j ACCEPT
# https
#-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
# rsync
#-A INPUT -p tcp -m tcp --dport 873 -j ACCEPT
# imaps
#-A INPUT -p tcp -m tcp --dport 993 -j ACCEPT
# pop3s
#-A INPUT -p tcp -m tcp --dport 995 -j ACCEPT
# mysql
#-A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT
# distccd
#-A INPUT -p tcp -m tcp --dport 3632 -j ACCEPT
# avahi
#-A INPUT -p udp -m udp --dport 5353 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
COMMIT
# Completed on Thu Aug 19 01:47:13 2004
Any tips are much appreciated! :]
 
Old 04-09-2007, 10:49 AM   #2
Centinul
Member
 
Registered: Jun 2005
Distribution: Gentoo
Posts: 552

Rep: Reputation: 30
What exactly do you mean by "failing"? Can you post the error, or what happens when you try and ping?

Thanks.
 
Old 04-09-2007, 11:00 AM   #3
fur
Member
 
Registered: Dec 2003
Distribution: Debian, FreeBSD
Posts: 310

Rep: Reputation: 35
I believe you need to allow both ICMP type 0(echo reply), and 8 (echo request).

Looking at your iptables rules you have the type 8 commented out.
 
Old 04-09-2007, 01:13 PM   #4
nsfx
LQ Newbie
 
Registered: Apr 2006
Location: New Jersey, U.S.
Distribution: Frugalware
Posts: 17

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by Centinul
What exactly do you mean by "failing"? Can you post the error, or what happens when you try and ping?

Thanks.
Hi, it just outputs the initial "PING [host] ([ip]) [bytes] bytes of data" and then no output even with the verbose switch. When I manually break the command it says "[N] packets transmitted, 0 received, 100% packet loss, [time] ms"

Thanks!
 
Old 04-09-2007, 01:15 PM   #5
nsfx
LQ Newbie
 
Registered: Apr 2006
Location: New Jersey, U.S.
Distribution: Frugalware
Posts: 17

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by fur
I believe you need to allow both ICMP type 0(echo reply), and 8 (echo request).

Looking at your iptables rules you have the type 8 commented out.
Yeah I tried this previously with no success. I think type 8 is for incoming pings. Thanks for the suggestion.
 
Old 04-09-2007, 01:59 PM   #6
fur
Member
 
Registered: Dec 2003
Distribution: Debian, FreeBSD
Posts: 310

Rep: Reputation: 35
It is for incoming pings, but your computer still needs to send out those packets. I think you may need something like this.

iptables -A OUTPUT -p icmp --icmp-type 8 -j ACCEPT
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ping server_name don't works ping IP_address yes... why? Joan Murt Linux - Enterprise 5 07-20-2006 01:15 AM
DNS look up works, ping only works for some sites any ideas? Mantrout Linux - Wireless Networking 3 01-29-2006 11:59 AM
LAN/ADSL Router ping working but DNS ping fails R N Ghosh Linux - Networking 1 01-13-2006 07:44 AM
The synaptics driver works, synclient & syndaemon fails tisource Linux - Hardware 0 03-23-2005 10:01 PM
windows 98 m/c ping to ip address of red hat server but fails to ping hostname ravilohot Linux - Networking 2 09-07-2004 04:57 AM


All times are GMT -5. The time now is 10:21 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration