LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 02-27-2005, 09:44 AM   #1
greenthing
Member
 
Registered: Jan 2005
Distribution: Suse 9.3 pro
Posts: 116

Rep: Reputation: 15
Remove iptable rules


i used a script (seen at the end of this post) to add lots =of iptable rules now i want to remove them they are basically only blocking certain ip adresses but i want to remove them.

if i ie ping one of the ip adresses i get packet filtered as response.

Thanks for helping.

Code:
#!/bin/sh

#
# peerguard - Version 0.2
# Author: Brad Cable
# License: GPL Version 2
#


###  Configuration  ###


# uncomment and change this to use a HTTP proxy to retreive the list
#export http_proxy="0.0.0.0:80"

# file to download from the peerguardian database, go to http://www.methlabs.org/sync/ for possible values
pgfile="guarding.p2p"

# temporary directory to use
workdirectory="/tmp/pg"

# path to iptables
iptables="/usr/sbin/iptables"


### End of Configuration ###




########################################
###     DO NOT TOUCH THE REST!!!     ###
########################################


if [ "$UID" != "0" ]; then
	echo "You must be root to run this script.";
	exit;
fi

cleanup(){
	if [ -d "$workdirectory" ]; then
		rm -r $workdirectory
	fi
	rm -rf $pgfile
	rm -rf $pgfile.zip
}

cleanup

mkdir $workdirectory
chown -R nobody $workdirectory
chmod +w $workdirectory
cd $workdirectory

reject="-j REJECT --reject-with icmp-host-unreachable"
nob="su - nobody -c "
wget="cd $workdirectory;wget -q"
if [ ! -z "$http_proxy" ]; then
	wget="export http_proxy='${http_proxy}';$wget"
fi

echo
echo -n "Downloading PeerGuardian File: $pgfile"
$nob"$wget http://www.methlabs.org/sync/$pgfile.zip"

echo -n "... Unzipping..."
unzip $pgfile.zip &> /dev/null
echo -n " Done."
echo

for line in `cat $pgfile`; do

	iprange=`echo $line | cut -d ':' -f2`
	if [ "$iprange" == "$line" ] || [ "$iprange" == "" ]; then
		continue
	fi
	iprange=${iprange:0:${#iprange}-1}

	$iptables -A INPUT -m iprange --src-range $iprange -j DROP
	$iptables -A OUTPUT -m iprange --dst-range $iprange $reject

	echo "     Blocked: $iprange"

done


echo "Blocking Complete"
echo

cleanup
 
Old 02-27-2005, 11:27 AM   #2
lyle_s
Member
 
Registered: Jul 2003
Distribution: Slackware
Posts: 388

Rep: Reputation: 52
As root, run:

iptables --flush OUTPUT; iptables --policy OUTPUT ACCEPT

to flush the rules the script added to the OUTPUT chain. With the rules removed, you will be able to resume connecting to the IPs the script blocked, such as pinging them. Note that this will also flush out any rules you had in the OUTPUT chain before you ran the script.

You can also flush the rules from the input chain similarily (as root):

iptables --flush INPUT; iptables --policy INPUT ACCEPT

to flush out all the rules the script added. Again, this will also flush any rules you originally had before you ran the script.

This will leave you wide open. In case you need it, here's a basic firewall script that should do while you figure out what you want to do:
Code:
#!/bin/sh

## INPUT chain ##
# Explicitly deny that which is not allowed.
iptables --policy INPUT DROP

# Allow anything from the loopback device.
iptables --append INPUT \
                --in-interface lo \
                --jump ACCEPT

# Allow anything related to an outgoing connection.
iptables --append INPUT \
                --match state \
                --state ESTABLISHED,RELATED \
                --jump ACCEPT


## OUTPUT chain ##
# Allow anything on the way out.
iptables --policy OUTPUT ACCEPT
Lyle
 
Old 02-27-2005, 12:38 PM   #3
greenthing
Member
 
Registered: Jan 2005
Distribution: Suse 9.3 pro
Posts: 116

Original Poster
Rep: Reputation: 15
didnt help


Code:
gr@ad:~> su
Password:
ad:/home/gr # iptables --flush OUTPUT
ad:/home/gr # iptables --policy OUTPUT ACCEPT
ad:/home/gr # iptables --flush INPUT
ad:/home/gr # iptables --policy INPUT ACCEPT
ad:/home/gr # cd
ad:~ # cd /home/gr/Desktop/temp
ad:/home/gr/Desktop/temp # ./gg.sh
ad:/home/gr/Desktop/temp # ping www.riaa.com
PING www.riaa.com (68.163.90.10) 56(84) bytes of data.
From 68.163.93.162: icmp_seq=12 Packet filtered
From 68.163.93.162 icmp_seq=12 Packet filtered
From 68.163.93.162 icmp_seq=20 Packet filtered

--- www.riaa.com ping statistics ---
23 packets transmitted, 0 received, +3 errors, 100% packet loss, time 22003ms
 
Old 02-27-2005, 01:42 PM   #4
lyle_s
Member
 
Registered: Jul 2003
Distribution: Slackware
Posts: 388

Rep: Reputation: 52
Is gg.sh the script that adds all the rules? If so, you re-added the rules after flushing them out.

But that's okay, I think I see what you want to do now. It looks like you want to block the IPs on the way in, but not on the way out. To achieve this, flush the chains again, comment out or remove this line in the script:
Code:
$iptables -A OUTPUT -m iprange --dst-range $iprange $reject
(it's about 10 lines from the bottom), and re-run the script.

Lyle
 
Old 02-27-2005, 04:09 PM   #5
greenthing
Member
 
Registered: Jan 2005
Distribution: Suse 9.3 pro
Posts: 116

Original Poster
Rep: Reputation: 15
what i want is do remove all added ips from the iptables so the iptables look like they did before i ran the script the first time ie

before running script:
something
something
something

After running the script:
something
something
something
block incoming an ipaddrese from the script
block outgoing an ipadress from thre script
and so on


so what i want is for the iptable rules to look like they did before i ran the script.
and no gg.sh is the script you gave me.

Last edited by greenthing; 02-27-2005 at 04:11 PM.
 
Old 02-27-2005, 05:00 PM   #6
lyle_s
Member
 
Registered: Jul 2003
Distribution: Slackware
Posts: 388

Rep: Reputation: 52
I get the same "packet filtered" thing from ping with no firewall:
Code:
root@bowman:/home/lyle# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
root@bowman:/home/lyle# su lyle
lyle@bowman:~$ ping -c3 www.riaa.com
PING www.riaa.com (68.163.90.10) 56(84) bytes of data.
From 68.163.93.162 icmp_seq=3 Packet filtered

--- www.riaa.com ping statistics ---
3 packets transmitted, 0 received, +1 errors, 100% packet loss, time 2013ms
It appears to be on their end.

This is what it would look like if the script you started with was in effect (iptables segfaulted when I tried to use the hostname www.riaa.com, so I had to use the IP address):
Code:
root@bowman:/home/lyle# iptables --append OUTPUT --destination 68.163.90.10 --jump REJECT --reject-with icmp-host-unreachable
root@bowman:/home/lyle# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
REJECT     all  --  anywhere             68.163.90.10        reject-with icmp-host-unreachable
root@bowman:/home/lyle# su lyle
lyle@bowman:~$ ping -c3 68.163.90.10
PING 68.163.90.10 (68.163.90.10) 56(84) bytes of data.
From 192.168.0.2 icmp_seq=1 Destination Host Unreachable
From 192.168.0.2 icmp_seq=1 Destination Host Unreachable
From 192.168.0.2 icmp_seq=1 Destination Host Unreachable

--- 68.163.90.10 ping statistics ---
0 packets transmitted, 0 received, +3 errors
Lyle

Last edited by lyle_s; 02-27-2005 at 05:34 PM.
 
Old 02-28-2005, 09:51 AM   #7
greenthing
Member
 
Registered: Jan 2005
Distribution: Suse 9.3 pro
Posts: 116

Original Poster
Rep: Reputation: 15
your right it was on on their end but i took another one that was on the list namingly

City of New York - New York City Council:205.247.140.0-205.247.143.255

and then tryed to ping their homepage:

Code:
gr@ad:~> ping http://www.nyccouncil.info/
ping: unknown host http://www.nyccouncil.info/
i did the dame with a couple of others and they all gave host not found so that has to mean theire on the list and that the list is still there in iptables.

here is the output from iptables --list thought i might help.

Code:
ad:/home/gr # iptables --list
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED

Chain FORWARD (policy DROP)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain forward_dmz (0 references)
target     prot opt source               destination

Chain forward_ext (0 references)
target     prot opt source               destination

Chain forward_int (0 references)
target     prot opt source               destination

Chain input_dmz (0 references)
target     prot opt source               destination
DROP       all  --  anywhere             anywhere            PKTTYPE = broadcast
ACCEPT     icmp --  anywhere             anywhere            icmp source-quench
ACCEPT     icmp --  anywhere             anywhere            icmp echo-request
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp echo-reply
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp destination-unreachable
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp time-exceeded
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp parameter-problem
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp timestamp-reply
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp address-mask-reply
LOG        all  --  anywhere             anywhere            limit: avg 3/min burst 5 state INVALID LOG level warning tcp-options ip-options prefix `SFW2-INdmz-DROP-DEFLT-INV '
DROP       all  --  anywhere             anywhere            state INVALID
LOG        tcp  --  anywhere             anywhere            limit: avg 3/min burst 5 tcp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix`SFW2-INdmz-DROP-DEFLT '
LOG        icmp --  anywhere             anywhere            limit: avg 3/min burst 5 icmp source-quench LOG level warning tcp-options ip-options prefix `SFW2-INdmz-DROP-ICMP-CRIT '
LOG        icmp --  anywhere             anywhere            limit: avg 3/min burst 5 icmp redirect LOG level warning tcp-options ip-options prefix `SFW2-INdmz-DROP-ICMP-CRIT '
LOG        icmp --  anywhere             anywhere            limit: avg 3/min burst 5 icmp echo-request LOG level warning tcp-options ip-options prefix `SFW2-INdmz-DROP-ICMP-CRIT '
LOG        icmp --  anywhere             anywhere            limit: avg 3/min burst 5 icmp timestamp-request LOG level warning tcp-options ip-options prefix `SFW2-INdmz-DROP-ICMP-CRIT '
LOG        icmp --  anywhere             anywhere            limit: avg 3/min burst 5 icmp address-mask-request LOG level warning tcp-options ip-options prefix`SFW2-INdmz-DROP-ICMP-CRIT '
LOG        icmp --  anywhere             anywhere            limit: avg 3/min burst 5 icmp type 2 LOG level warning tcp-options ip-options prefix `SFW2-INdmz-DROP-ICMP-CRIT '
LOG        udp  --  anywhere             anywhere            limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-INdmz-DROP-DEFLT '
DROP       all  --  anywhere             anywhere

Chain input_ext (0 references)
target     prot opt source               destination
DROP       all  --  anywhere             anywhere            PKTTYPE = broadcast
ACCEPT     icmp --  anywhere             anywhere            icmp source-quench
ACCEPT     icmp --  anywhere             anywhere            icmp echo-request
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp echo-reply
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp destination-unreachable
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp time-exceeded
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp parameter-problem
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp timestamp-reply
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp address-mask-reply
LOG        all  --  anywhere             anywhere            limit: avg 3/min burst 5 state INVALID LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-DEFLT-INV '
DROP       all  --  anywhere             anywhere            state INVALID
LOG        tcp  --  anywhere             anywhere            limit: avg 3/min burst 5 tcp dpt:domain flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-TCP '
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:domain
LOG        tcp  --  anywhere             anywhere            limit: avg 3/min burst 5 tcp dpt:http flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-TCP '
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
LOG        tcp  --  anywhere             anywhere            limit: avg 3/min burst 5 tcp dpt:imap flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-TCP '
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:imap
LOG        tcp  --  anywhere             anywhere            limit: avg 3/min burst 5 tcp dpt:imaps flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-TCP '
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:imaps
LOG        tcp  --  anywhere             anywhere            limit: avg 3/min burst 5 tcp dpt:pop3 flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-TCP '
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:pop3
LOG        tcp  --  anywhere             anywhere            limit: avg 3/min burst 5 tcp dpt:pop3s flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-TCP '
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:pop3s
LOG        tcp  --  anywhere             anywhere            limit: avg 3/min burst 5 tcp dpt:smtp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-TCP '
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtp
LOG        tcp  --  anywhere             anywhere            limit: avg 3/min burst 5 tcp dpt:18156 flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-TCP '
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:18156
reject_func  tcp  --  anywhere             anywhere            tcp dpt:ident state NEW
ACCEPT     udp  --  anywhere             anywhere            udp dpt:bootps
ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain
ACCEPT     udp  --  anywhere             anywhere            udp dpt:18156
LOG        tcp  --  anywhere             anywhere            limit: avg 3/min burst 5 tcp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix`SFW2-INext-DROP-DEFLT '
LOG        icmp --  anywhere             anywhere            limit: avg 3/min burst 5 icmp source-quench LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-ICMP-CRIT '
LOG        icmp --  anywhere             anywhere            limit: avg 3/min burst 5 icmp redirect LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-ICMP-CRIT '
LOG        icmp --  anywhere             anywhere            limit: avg 3/min burst 5 icmp echo-request LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-ICMP-CRIT '
LOG        icmp --  anywhere             anywhere            limit: avg 3/min burst 5 icmp timestamp-request LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-ICMP-CRIT '
LOG        icmp --  anywhere             anywhere            limit: avg 3/min burst 5 icmp address-mask-request LOG level warning tcp-options ip-options prefix`SFW2-INext-DROP-ICMP-CRIT '
LOG        icmp --  anywhere             anywhere            limit: avg 3/min burst 5 icmp type 2 LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-ICMP-CRIT '
LOG        udp  --  anywhere             anywhere            limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-DEFLT '
DROP       all  --  anywhere             anywhere

Chain input_int (0 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere            icmp source-quench
ACCEPT     icmp --  anywhere             anywhere            icmp echo-request
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp echo-reply
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp destination-unreachable
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp time-exceeded
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp parameter-problem
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp timestamp-reply
ACCEPT     icmp --  anywhere             anywhere            state RELATED,ESTABLISHED icmp address-mask-reply
LOG        all  --  anywhere             anywhere            limit: avg 3/min burst 5 state INVALID LOG level warning tcp-options ip-options prefix `SFW2-INint-DROP-DEFLT-INV '
DROP       all  --  anywhere             anywhere            state INVALID
LOG        tcp  --  anywhere             anywhere            limit: avg 3/min burst 5 tcp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix`SFW2-INint-DROP-DEFLT '
LOG        icmp --  anywhere             anywhere            limit: avg 3/min burst 5 icmp source-quench LOG level warning tcp-options ip-options prefix `SFW2-INint-DROP-ICMP-CRIT '
LOG        icmp --  anywhere             anywhere            limit: avg 3/min burst 5 icmp redirect LOG level warning tcp-options ip-options prefix `SFW2-INint-DROP-ICMP-CRIT '
LOG        icmp --  anywhere             anywhere            limit: avg 3/min burst 5 icmp echo-request LOG level warning tcp-options ip-options prefix `SFW2-INint-DROP-ICMP-CRIT '
LOG        icmp --  anywhere             anywhere            limit: avg 3/min burst 5 icmp timestamp-request LOG level warning tcp-options ip-options prefix `SFW2-INint-DROP-ICMP-CRIT '
LOG        icmp --  anywhere             anywhere            limit: avg 3/min burst 5 icmp address-mask-request LOG level warning tcp-options ip-options prefix`SFW2-INint-DROP-ICMP-CRIT '
LOG        icmp --  anywhere             anywhere            limit: avg 3/min burst 5 icmp type 2 LOG level warning tcp-options ip-options prefix `SFW2-INint-DROP-ICMP-CRIT '
LOG        udp  --  anywhere             anywhere            limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-INint-DROP-DEFLT '
DROP       all  --  anywhere             anywhere

Chain reject_func (1 references)
target     prot opt source               destination
REJECT     tcp  --  anywhere             anywhere            reject-with tcp-reset
REJECT     udp  --  anywhere             anywhere            reject-with icmp-port-unreachable
REJECT     all  --  anywhere             anywhere            reject-with icmp-proto-unreachable
ad:/home/gr #
 
Old 03-01-2005, 08:43 AM   #8
lyle_s
Member
 
Registered: Jul 2003
Distribution: Slackware
Posts: 388

Rep: Reputation: 52
Thanks for the output of iptables --list; I should have asked for that right off the bat.

To clear them out (as root):

iptables -X input_ext
iptables -X

You have to run it twice because input_ext references reject_func.

Lyle
 
Old 03-01-2005, 05:59 PM   #9
greenthing
Member
 
Registered: Jan 2005
Distribution: Suse 9.3 pro
Posts: 116

Original Poster
Rep: Reputation: 15
what did i do wrong?

Code:
gr@ad:~> su
Password:
ad:/home/gr # iptables -X input_ext
iptables: Chain is not empty
ad:/home/gr # iptables -X
iptables: Can't delete chain with references left
ad:/home/gr # iptables -X reject_func
iptables: Can't delete chain with references left
ad:/home/gr #
 
Old 03-02-2005, 07:42 AM   #10
lyle_s
Member
 
Registered: Jul 2003
Distribution: Slackware
Posts: 388

Rep: Reputation: 52
Sorry, my mistake.

Try (as root):

iptables --flush
iptables --delete-chain

Then run my basic firewall script.

I don't think your firewall rules are filtering anything because there's no reference to the user-defined chains in the INPUT, OUTPUT, or FORWARD chains. So, although there a bunch of rules in there, none of them are doing anything.

You have to strip off the http:// and trailing slash from an Internet address before you ping it, because they're not part of the hostname. Try:

ping www.nyccouncil.info

or even:

ping nyccouncil.info

Lyle

Last edited by lyle_s; 03-02-2005 at 08:17 AM.
 
Old 03-02-2005, 02:19 PM   #11
greenthing
Member
 
Registered: Jan 2005
Distribution: Suse 9.3 pro
Posts: 116

Original Poster
Rep: Reputation: 15
ok it worked

the iptables where cleared and now looks like this:

Code:
ad:/home/gr/Desktop/temp # iptables --list
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ping before running the commands and scripts:


Code:
gr@ad:~> ping www.nyccouncil.info/
ping: unknown host www.nyccouncil.info/
after:

Code:
gr@ad:~> ping www.nyccouncil.info
PING nyccouncil.info (205.247.142.195) 56(84) bytes of data.
From sl-cityo22-1-1.sprintlink.net (144.223.74.198): icmp_seq=2 Packet filtered
From sl-cityo22-1-1.sprintlink.net (144.223.74.198) icmp_seq=2 Packet filtered
From sl-cityo22-1-0.sprintlink.net (144.223.74.194) icmp_seq=3 Packet filtered
From sl-cityo22-1-0.sprintlink.net (144.223.74.194) icmp_seq=4 Packet filtered
From sl-cityo22-1-1.sprintlink.net (144.223.74.198) icmp_seq=6 Packet filtered

--- nyccouncil.info ping statistics ---
6 packets transmitted, 0 received, +5 errors, 100% packet loss, time 5000ms
so it all seems to be working.
i would like to do one last thing for me though please ping www.nyccouncil.info to make sure that the packet filtered thing isnt because of me.

Thanks alot for your help.
 
Old 03-03-2005, 08:15 AM   #12
lyle_s
Member
 
Registered: Jul 2003
Distribution: Slackware
Posts: 388

Rep: Reputation: 52
Code:
lyle@bowman:~$ ping www.nyccouncil.info
PING nyccouncil.info (205.247.142.195) 56(84) bytes of data.
From sl-cityo22-1-0.sprintlink.net (144.223.74.194) icmp_seq=1 Packet filtered
From sl-cityo22-1-0.sprintlink.net (144.223.74.194) icmp_seq=3 Packet filtered
From sl-cityo22-1-1.sprintlink.net (144.223.74.198) icmp_seq=4 Packet filtered

--- nyccouncil.info ping statistics ---
4 packets transmitted, 0 received, +3 errors, 100% packet loss, time 3013ms
Be careful not to include the trailing slash in the hostname when using ping; when ping does the DNS lookup, it won't find anything with a trailing slash, and ping will report "unknown host."

You're welcome,
Lyle
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
IPTable rules RecoilUK Linux - Security 1 05-27-2005 07:25 PM
Verifying IPTable rules... Ateo Linux - Networking 1 02-02-2005 03:33 PM
Help with IPtable Rules aqoliveira Linux - Security 3 12-10-2003 10:00 AM
iptable-rules for eDonkey? grubjo Linux - Networking 2 08-01-2002 06:38 AM
Iptable rules for Gnutella al_erola Linux - Security 5 03-06-2002 03:21 AM


All times are GMT -5. The time now is 08:47 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration