Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
hello! i am currently experiencing a problem on my gateway machine where localhost does not seem to be accepting connections, i have been trying to get 2 programs to work, c-icap/havp, which at first i thought was because of some other unknown issue, but when i tried the programs on another one of my machines running debian as well, both worked perfectly fine, but on the gateway machine every attempt that a program makes to connect to localhost just ends up timing out :/ i have checked multiple things including the etc/hosts file and etc/network/interfaces, but both seem normal, the one thing that i think could possibly be the issue is iptables as the other debian server (the one that is working fine) does not have any rules set for iptables as the gateway machine take care of that. i have included the contents of the file that i use to restore iptables settings, just in case there is a mistake i have made. also forgot to note that localhost does respond to pings, it just refuses to make connections. any help would be greatly appreciated as i really have no clue what is causing this problem, thanks!
Code:
# Generated by iptables-save v1.4.8 on Wed Mar 7 21:28:31 2012
*nat
:PREROUTING ACCEPT [3119:515146]
:POSTROUTING ACCEPT [152:9120]
:OUTPUT ACCEPT [3441:241083]
-A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.111:80
-A PREROUTING -i eth0 -p tcp -m tcp --dport 22000 -j DNAT --to-destination 192.168.1.111:22000
-A PREROUTING -i eth0 -p tcp -m tcp --dport 25598 -j DNAT --to-destination 192.168.1.111:25598
-A PREROUTING -i eth0 -p tcp -m tcp --dport 25596 -j DNAT --to-destination 192.168.1.111:25596
-A PREROUTING -i eth0 -p tcp -m tcp --dport 25566 -j DNAT --to-destination 192.168.1.101:25566
-A PREROUTING -i eth0 -p udp -m udp --dport 5008 -j DNAT --to-destination 192.168.1.198:5008
-A PREROUTING -i eth0 -p udp -m udp --dport 5009 -j DNAT --to-destination 192.168.1.198:5009
-A PREROUTING -i eth0 -p udp -m udp --dport 5010 -j DNAT --to-destination 192.168.1.198:5010
-A PREROUTING -i eth0 -p udp -m udp --dport 5011 -j DNAT --to-destination 192.168.1.198:5011
-A PREROUTING -i eth0 -p tcp -m tcp --dport 5800 -j DNAT --to-destination 192.168.1.100:5800
-A PREROUTING -i eth0 -p tcp -m tcp --dport 5900 -j DNAT --to-destination 192.168.1.100:5900
-A PREROUTING -i br0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.1:3128
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
# Completed on Wed Mar 7 21:28:31 2012
# Generated by iptables-save v1.4.8 on Wed Mar 7 21:28:31 2012
*filter
:INPUT DROP [10935:3517801]
:FORWARD ACCEPT [28:1532]
:OUTPUT ACCEPT [0:0]
-A INPUT -s 192.168.1.0/24 -i br0 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22000 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25566 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25596 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25598 -j ACCEPT
-A INPUT -p udp -m udp --dport 5008 -j ACCEPT
-A INPUT -p udp -m udp --dport 5009 -j ACCEPT
-A INPUT -p udp -m udp --dport 5010 -j ACCEPT
-A INPUT -p udp -m udp --dport 5011 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5800 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5900 -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A FORWARD -i eth0 -o Br0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i br0 -o eth0 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -j ACCEPT
COMMIT
# Completed on Wed Mar 7 21:28:31 2012
You'll need to do a tcpdump and see what is happening with the interface at this point, unless another member can point out a rule in your list that is causing the problem that I am over-looking.
hello, here is what i get when i try to communicate with processes that should be running on localhost, also i had forgotten to mention that when i try to startup the c-icap server (one of the two things that have problems, im thinking their both rooted in the same cause) the c-icap debug will complain about not being able to bind to its socket, whereas it binds just fine on the other box without changing any settings, i got these logs by using c-icap-client which pretty much queries the c-icap server for its status and such, the logs in tcpdump stopped showing once the c-icap-client timed out.
Code:
root@Kingston:~/c_icap-0.1.7# tcpdump -n -i lo
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on lo, link-type EN10MB (Ethernet), capture size 65535 bytes
20:45:31.316751 IP 127.0.0.1.47886 > 127.0.0.1.1344: Flags [S], seq 3097052626, win 32792, options [mss 16396,sackOK,TS val 720128389 ecr 0,nop,wscale 6], length 0
20:45:34.313598 IP 127.0.0.1.47886 > 127.0.0.1.1344: Flags [S], seq 3097052626, win 32792, options [mss 16396,sackOK,TS val 720129139 ecr 0,nop,wscale 6], length 0
20:45:40.313619 IP 127.0.0.1.47886 > 127.0.0.1.1344: Flags [S], seq 3097052626, win 32792, options [mss 16396,sackOK,TS val 720130639 ecr 0,nop,wscale 6], length 0
^C
3 packets captured
6 packets received by filter
0 packets dropped by kernel
hooray actually it did turn out to be iptables, i had apparently just had the entries for allowing localhost messed up a little, i love iptables for its power and abilities, but still have a difficult time with it sometimes :/ thanks alot for your help though, really appreciate it
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.