LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 10-12-2016, 03:32 PM   #31
Fardad74
Member
 
Registered: Jan 2016
Posts: 50

Original Poster
Blog Entries: 1

Rep: Reputation: Disabled

Quote:
Originally Posted by c0wb0y View Post
Sorry it's my bad, ss won't show ipv6 connection without explicitly telling it like

ss -46tlna


Now, I want you to confirm they are in the same virtual switch, check IP/subnet mask. You can forget about default gateway/DNS for now. Selinux off for now. Let tcpdump running, tail the output of httpd, then ping from Windows AND browse from there
Yes yes , it's showing http listen:

[root@localhost ~]# ss -46tla
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 5 192.168.122.1:domain *:*
LISTEN 0 128 *:ssh *:*
LISTEN 0 128 127.0.0.1:ipp *:*
LISTEN 0 100 127.0.0.1:smtp *:*
CLOSE-WAIT 1 0 192.168.2.128:44877 192.168.2.128:http
LISTEN 0 128 :::http :::*
LISTEN 0 128 :::ssh :::*
LISTEN 0 128 ::1:ipp :::*
LISTEN 0 100 ::1:smtp :::*
 
Old 10-12-2016, 03:44 PM   #32
Fardad74
Member
 
Registered: Jan 2016
Posts: 50

Original Poster
Blog Entries: 1

Rep: Reputation: Disabled
yes they are in same subnet and vmnet8 switch .
one thing is that when tcpdump is running and then i ping from windows 192.168.2.128 (ping is successful although), the tcpdump output have no change!
 
Old 10-12-2016, 04:23 PM   #33
c0wb0y
Member
 
Registered: Jan 2012
Location: Inside the oven
Distribution: Windows
Posts: 417

Rep: Reputation: 74
Issue

arp -a

on both machines, then check if the MAC matches the other. CentOS might not have arp installed, so can use

ip link ls <CentOS Int>
tcpdump -tni <CentOS int> icmp

If you still don't get any ping traffic, I suspect that Windows is pinging a wrong node.
 
1 members found this post helpful.
Old 10-12-2016, 04:39 PM   #34
Fardad74
Member
 
Registered: Jan 2016
Posts: 50

Original Poster
Blog Entries: 1

Rep: Reputation: Disabled
Quote:
Originally Posted by c0wb0y View Post
Issue

arp -a

on both machines, then check if the MAC matches the other. CentOS might not have arp installed, so can use

ip link ls <CentOS Int>
tcpdump -tni <CentOS int> icmp

If you still don't get any ping traffic, I suspect that Windows is pinging a wrong node.
[root@localhost logs]# arp -a

? (192.168.2.1) at 00:50:56:c0:00:08 [ether] on eno16777736
? (192.168.2.2) at 00:50:56:f3:8d:b5 [ether] on eno16777736
Attached Thumbnails
Click image for larger version

Name:	Screenshot (12).png
Views:	32
Size:	133.0 KB
ID:	23229  
 
Old 10-12-2016, 04:43 PM   #35
Fardad74
Member
 
Registered: Jan 2016
Posts: 50

Original Poster
Blog Entries: 1

Rep: Reputation: Disabled
Take a look on these , too.
Attached Thumbnails
Click image for larger version

Name:	Screenshot (13).png
Views:	30
Size:	115.7 KB
ID:	23230   Click image for larger version

Name:	Screenshot (14).png
Views:	27
Size:	67.4 KB
ID:	23231   Click image for larger version

Name:	Screenshot from 2016-10-13 01-14-06.png
Views:	30
Size:	203.2 KB
ID:	23232  

Last edited by Fardad74; 10-12-2016 at 04:46 PM.
 
Old 10-12-2016, 05:01 PM   #36
c0wb0y
Member
 
Registered: Jan 2012
Location: Inside the oven
Distribution: Windows
Posts: 417

Rep: Reputation: 74
Quote:
Originally Posted by c0wb0y View Post
ip link ls <CentOS Int>
Thanks for the screen shots.

Now go back to CentOS, get the ouput of the command above. Check if the MAC address is: 00:0C:29:89:C9:EA (as per your screen shot).
 
1 members found this post helpful.
Old 10-12-2016, 05:02 PM   #37
Fardad74
Member
 
Registered: Jan 2016
Posts: 50

Original Poster
Blog Entries: 1

Rep: Reputation: Disabled
Post

Thank you c0wb0y . some meaningfull information i just catched from tcpdump:

IP 192.168.2.1 > 192.168.2.128: ICMP echo request, id 1, seq 24, length 40
IP 192.168.2.128 > 192.168.2.1: ICMP echo reply, id 1, seq 24, length 40
IP 192.168.2.128 > 192.168.2.1: ICMP host 192.168.2.128 unreachable - admin prohibited, length 60
IP 192.168.2.128 > 192.168.2.1: ICMP host 192.168.2.128 unreachable - admin prohibited, length 56

IP 192.168.2.128 > 192.168.2.1: ICMP echo request, id 10431, seq 1, length 64
IP 192.168.2.128 > 192.168.2.1: ICMP echo request, id 10431, seq 2, length 64
IP 192.168.2.128 > 192.168.2.1: ICMP echo request, id 10431, seq 3, length 64
IP 192.168.2.128 > 192.168.2.1: ICMP echo request, id 10431, seq 4, length 64
IP 192.168.2.128 > 192.168.2.1: ICMP echo request, id 10431, seq 5, length 64
IP 192.168.2.128 > 192.168.2.1: ICMP echo request, id 10431, seq 6, length 64
IP 192.168.2.128 > 192.168.2.1: ICMP echo request, id 10431, seq 7, length 64
IP 192.168.2.128 > 192.168.2.1: ICMP echo request, id 10431, seq 8, length 64
IP 192.168.2.128 > 192.168.2.1: ICMP echo request, id 10431, seq 9, length 64

i think if i solve this unreachable - admin prohibited , then i can see that htnml page on windows. because i think both agree that all other things is OK. isn't it?

Last edited by Fardad74; 10-12-2016 at 05:04 PM.
 
Old 10-12-2016, 05:13 PM   #38
c0wb0y
Member
 
Registered: Jan 2012
Location: Inside the oven
Distribution: Windows
Posts: 417

Rep: Reputation: 74
Firewall or SELInux seem to be blocking icmps. Turn them off temporarily.

Code:
setenforce 0 && iptables -F && iptables -nvL
 
1 members found this post helpful.
Old 10-12-2016, 05:13 PM   #39
Fardad74
Member
 
Registered: Jan 2016
Posts: 50

Original Poster
Blog Entries: 1

Rep: Reputation: Disabled
[root@localhost logs]# traceroute 192.168.2.1
traceroute to 192.168.2.1 (192.168.2.1), 30 hops max, 60 byte packets
1 * * *
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *
[root@localhost logs]#
 
Old 10-12-2016, 05:19 PM   #40
Fardad74
Member
 
Registered: Jan 2016
Posts: 50

Original Poster
Blog Entries: 1

Rep: Reputation: Disabled
Talking

Quote:
Originally Posted by c0wb0y View Post
Firewall or SELInux seem to be blocking icmps. Turn them off temporarily.

Code:
setenforce 0 && iptables -F && iptables -nvL
YYYYYYYYEEEESSSSS!!
Attached Thumbnails
Click image for larger version

Name:	Screenshot (15).png
Views:	48
Size:	42.5 KB
ID:	23233  
 
Old 10-12-2016, 05:22 PM   #41
c0wb0y
Member
 
Registered: Jan 2012
Location: Inside the oven
Distribution: Windows
Posts: 417

Rep: Reputation: 74
Your traceroute ouput just confirmed my suspicion that interface 2.1 is not accepting icmp as denoted by '*'. Traceroute, btw, is less usefull in this instance as nodes are on the same subnet.
 
1 members found this post helpful.
Old 10-12-2016, 05:22 PM   #42
Fardad74
Member
 
Registered: Jan 2016
Posts: 50

Original Poster
Blog Entries: 1

Rep: Reputation: Disabled
Thumbs up Finally done

Thanks from all who are helped me specially c0wb0y
 
Old 10-12-2016, 05:25 PM   #43
c0wb0y
Member
 
Registered: Jan 2012
Location: Inside the oven
Distribution: Windows
Posts: 417

Rep: Reputation: 74
Glad to hear you got it going.

Now, will you please marked it as [SOLVED].
 
1 members found this post helpful.
Old 10-12-2016, 05:26 PM   #44
Fardad74
Member
 
Registered: Jan 2016
Posts: 50

Original Poster
Blog Entries: 1

Rep: Reputation: Disabled
Quote:
Originally Posted by c0wb0y View Post
Your traceroute ouput just confirmed my suspicion that interface 2.1 is not accepting icmp as denoted by '*'. Traceroute, btw, is less usefull in this instance as nodes are on the same subnet.
Should i bring back firewalls again? it's neccesary? i'm just using this centos for learning and experiment.
 
Old 10-12-2016, 05:27 PM   #45
Habitual
LQ Veteran
 
Registered: Jan 2011
Location: Abingdon, VA
Distribution: Catalina
Posts: 9,374
Blog Entries: 37

Rep: Reputation: Disabled
Disabling SELinux is safe?
 
1 members found this post helpful.
  


Reply

Tags
apache, httpd server, server


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Virtual server only brings up default Apache page \/4A Linux - Server 2 12-29-2014 03:02 AM
web page on apache server query a MS Access database chackercon Programming 2 01-19-2010 10:22 AM
apache web server default page link tuxrules Linux - Newbie 9 07-10-2004 05:22 PM
I cant change the default test page in apache server to add my page.y nhemapriya Linux - Newbie 3 05-13-2004 12:35 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 11:19 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration