Re: [suse-laptop] netzwerk-frage (sorry für möglicherweise ot)

Martin Röhricht wrote:

Mmh, schwierig. Vielleicht stimmt etwas mit dem Routing nicht (route -n), immerhin kommt ja schon kein ping mehr an. Du arbeitest also nur mit einer einfachen IP für den entfernten Rechner? Sonst kommst Du also vom Linuxrechner aus überall weltweit raus? Was sagt denn ein # iptables -L bezüglich der Firewall auf Deinem Rechner und auf dem entfernten? Vielleicht wird schon etwas von einem dazwischenliegenden Router blockiert?

Martin

Der Output von route -n ist: Kernel IP Routentabelle Ziel Router Genmask Flags Metric Ref Use Iface 131.130.181.128 0.0.0.0 255.255.255.128 U 0 0 0 eth0 10.0.1.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 10.0.1.1 0.0.0.0 UG 0 0 0 wlan0 Die Verbindung läuft über wlan0. Der von iptables -L auf der lokalen Maschine hier: Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere LOG all -- anywhere 255.255.255.255 LOG level warning tcp-options ip-options prefix `SFW2-DROP-BCASTe ' DROP all -- anywhere 255.255.255.255 LOG all -- anywhere 131.130.181.255 LOG level warning tcp-options ip-options prefix `SFW2-DROP-BCASTe ' DROP all -- anywhere 131.130.181.255 LOG all -- anywhere 255.255.255.255 LOG level warning tcp-options ip-options prefix `SFW2-DROP-BCASTe ' DROP all -- anywhere 255.255.255.255 LOG all -- anywhere 255.255.255.255 LOG level warning tcp-options ip-options prefix `SFW2-DROP-BCASTe ' DROP all -- anywhere 255.255.255.255 LOG all -- anywhere 131.130.181.255 LOG level warning tcp-options ip-options prefix `SFW2-DROP-BCASTe ' DROP all -- anywhere 131.130.181.255 LOG all -- anywhere 255.255.255.255 LOG level warning tcp-options ip-options prefix `SFW2-DROP-BCASTe ' DROP all -- anywhere 255.255.255.255 input_ext all -- anywhere anywhere input_ext all -- anywhere anywhere LOG all -- anywhere anywhere LOG level warning tcp-options ip-options prefix `SFW2-IN-ILL-TARGET ' DROP all -- anywhere anywhere Chain FORWARD (policy DROP) target prot opt source destination TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere forward_ext all -- anywhere anywhere forward_ext all -- anywhere anywhere LOG all -- anywhere anywhere LOG level warning tcp-options ip-options prefix `SFW2-FWD-ILL-ROUTING ' DROP all -- anywhere anywhere ACCEPT all -- anywhere anywhere state NEW,RELATED,ESTABLISHED LOG all -- anywhere anywhere LOG level warning tcp-options ip-options prefix `SFW2-FORWARD-ERROR ' Chain OUTPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere LOG icmp -- anywhere anywhere icmp time-exceeded LOG level warning tcp-options ip-options prefix `SFW2-OUT-TRACERT-ATTEMPT ' ACCEPT icmp -- anywhere anywhere icmp time-exceeded ACCEPT icmp -- anywhere anywhere icmp port-unreachable ACCEPT icmp -- anywhere anywhere icmp fragmentation-needed ACCEPT icmp -- anywhere anywhere icmp network-prohibited ACCEPT icmp -- anywhere anywhere icmp host-prohibited ACCEPT icmp -- anywhere anywhere icmp communication-prohibited DROP icmp -- anywhere anywhere icmp destination-unreachable ACCEPT all -- anywhere anywhere state NEW,RELATED,ESTABLISHED LOG all -- anywhere anywhere LOG level warning tcp-options ip-options prefix `SFW2-OUTPUT-ERROR ' Chain forward_dmz (0 references) target prot opt source destination LOG all -- anywhere ilkb.istb.univie.ac.at LOG level warning tcp-options ip-options prefix `SFW2-FWDdmz-DROP-CIRCUMV ' DROP all -- anywhere ilkb.istb.univie.ac.at LOG all -- anywhere 10.0.1.6 LOG level warning tcp-options ip-options prefix `SFW2-FWDdmz-DROP-CIRCUMV ' DROP all -- anywhere 10.0.1.6 ACCEPT icmp -- anywhere anywhere state RELATED icmp destination-unreachable ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp echo-reply ACCEPT all -- anywhere anywhere state NEW,RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere state NEW,RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED LOG all -- anywhere anywhere LOG level warning tcp-options ip-options prefix `SFW2-FWDdmz-DROP-DEFLT ' DROP all -- anywhere anywhere Chain forward_ext (2 references) target prot opt source destination ACCEPT icmp -- anywhere anywhere state RELATED icmp destination-unreachable ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp echo-reply ACCEPT all -- anywhere anywhere state NEW,RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere state NEW,RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED LOG all -- anywhere anywhere LOG level warning tcp-options ip-options prefix `SFW2-FWDext-DROP-DEFLT ' DROP all -- anywhere anywhere Chain forward_int (0 references) target prot opt source destination LOG all -- anywhere ilkb.istb.univie.ac.at LOG level warning tcp-options ip-options prefix `SFW2-FWDint-DROP-CIRCUMV ' DROP all -- anywhere ilkb.istb.univie.ac.at LOG all -- anywhere 10.0.1.6 LOG level warning tcp-options ip-options prefix `SFW2-FWDint-DROP-CIRCUMV ' DROP all -- anywhere 10.0.1.6 ACCEPT icmp -- anywhere anywhere state RELATED icmp destination-unreachable ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp echo-reply ACCEPT all -- anywhere anywhere state NEW,RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere state NEW,RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED LOG all -- anywhere anywhere LOG level warning tcp-options ip-options prefix `SFW2-FWDint-DROP-DEFLT ' DROP all -- anywhere anywhere Chain input_dmz (0 references) target prot opt source destination ACCEPT icmp -- anywhere anywhere icmp echo-request ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp echo-reply ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp destination-unreachable ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp time-exceeded ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp parameter-problem ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp timestamp-reply ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp address-mask-reply LOG icmp -- anywhere anywhere LOG level warning tcp-options ip-options prefix `SFW2-INdmz-DROP-ICMP ' DROP icmp -- anywhere anywhere LOG tcp -- anywhere anywhere tcp dpt:ident flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INdmz-REJECT ' reject_func tcp -- anywhere anywhere tcp dpt:ident flags:SYN,RST,ACK/SYN LOG tcp -- anywhere anywhere tcp dpt:ssh flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INdmz-DROP ' DROP tcp -- anywhere anywhere tcp dpt:ssh flags:SYN,RST,ACK/SYN LOG tcp -- anywhere anywhere tcp dpt:http flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INdmz-DROP ' DROP tcp -- anywhere anywhere tcp dpt:http flags:SYN,RST,ACK/SYN LOG tcp -- anywhere anywhere tcp dpt:sunrpc flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INdmz-DROP ' DROP tcp -- anywhere anywhere tcp dpt:sunrpc flags:SYN,RST,ACK/SYN LOG tcp -- anywhere anywhere tcp dpt:ipp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INdmz-DROP ' DROP tcp -- anywhere anywhere tcp dpt:ipp flags:SYN,RST,ACK/SYN LOG tcp -- anywhere anywhere tcp dpt:mysql flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INdmz-DROP ' DROP tcp -- anywhere anywhere tcp dpt:mysql flags:SYN,RST,ACK/SYN LOG tcp -- anywhere anywhere state RELATED,ESTABLISHED tcp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INdmz-ACC-HiTCP ' ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED LOG udp -- anywhere anywhere udp dpt:ssh state NEW LOG level warning tcp-options ip-options prefix `SFW2-INdmz-DROP ' DROP udp -- anywhere anywhere udp dpt:ssh state NEW LOG udp -- anywhere anywhere udp dpt:bootpc state NEW LOG level warning tcp-options ip-options prefix `SFW2-INdmz-DROP ' DROP udp -- anywhere anywhere udp dpt:bootpc state NEW LOG udp -- anywhere anywhere udp dpt:http state NEW LOG level warning tcp-options ip-options prefix `SFW2-INdmz-DROP ' DROP udp -- anywhere anywhere udp dpt:http state NEW LOG udp -- anywhere anywhere udp dpt:sunrpc state NEW LOG level warning tcp-options ip-options prefix `SFW2-INdmz-DROP ' DROP udp -- anywhere anywhere udp dpt:sunrpc state NEW LOG udp -- anywhere anywhere udp dpt:sunrpc state NEW LOG level warning tcp-options ip-options prefix `SFW2-INdmz-DROP ' DROP udp -- anywhere anywhere udp dpt:sunrpc state NEW LOG udp -- anywhere anywhere udp dpt:ipp state NEW LOG level warning tcp-options ip-options prefix `SFW2-INdmz-DROP ' DROP udp -- anywhere anywhere udp dpt:ipp state NEW LOG udp -- anywhere anywhere udp dpt:ipp state NEW LOG level warning tcp-options ip-options prefix `SFW2-INdmz-DROP ' DROP udp -- anywhere anywhere udp dpt:ipp state NEW LOG udp -- anywhere anywhere udp dpt:mysql state NEW LOG level warning tcp-options ip-options prefix `SFW2-INdmz-DROP ' DROP udp -- anywhere anywhere udp dpt:mysql state NEW LOG all -- anywhere anywhere LOG level warning tcp-options ip-options prefix `SFW2-INdmz-DROP-DEFLT ' DROP all -- anywhere anywhere Chain input_ext (2 references) target prot opt source destination LOG icmp -- anywhere anywhere icmp source-quench LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-SOURCEQUENCH ' ACCEPT icmp -- anywhere anywhere icmp source-quench LOG icmp -- anywhere anywhere icmp source-quench LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-SOURCEQUENCH ' ACCEPT icmp -- anywhere anywhere icmp source-quench ACCEPT icmp -- anywhere anywhere icmp echo-request ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp echo-reply ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp destination-unreachable ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp time-exceeded ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp parameter-problem ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp timestamp-reply ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp address-mask-reply LOG icmp -- anywhere anywhere LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-ICMP ' DROP icmp -- anywhere anywhere LOG tcp -- anywhere anywhere tcp dpts:6881:muse flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-TCP ' ACCEPT tcp -- anywhere anywhere state NEW,RELATED,ESTABLISHED tcp dpts:6881:muse LOG tcp -- anywhere anywhere tcp dpt:acmsoda flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-TCP ' ACCEPT tcp -- anywhere anywhere state NEW,RELATED,ESTABLISHED tcp dpt:acmsoda LOG tcp -- anywhere anywhere tcp dpt:http flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-TCP ' ACCEPT tcp -- anywhere anywhere state NEW,RELATED,ESTABLISHED tcp dpt:http LOG tcp -- anywhere anywhere tcp dpt:ssh flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-TCP ' ACCEPT tcp -- anywhere anywhere state NEW,RELATED,ESTABLISHED tcp dpt:ssh LOG tcp -- anywhere anywhere tcp dpt:ident flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-REJECT ' reject_func tcp -- anywhere anywhere tcp dpt:ident flags:SYN,RST,ACK/SYN LOG tcp -- anywhere anywhere tcp dpt:ssh flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP ' DROP tcp -- anywhere anywhere tcp dpt:ssh flags:SYN,RST,ACK/SYN LOG tcp -- anywhere anywhere tcp dpt:http flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP ' DROP tcp -- anywhere anywhere tcp dpt:http flags:SYN,RST,ACK/SYN LOG tcp -- anywhere anywhere tcp dpt:sunrpc flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP ' DROP tcp -- anywhere anywhere tcp dpt:sunrpc flags:SYN,RST,ACK/SYN LOG tcp -- anywhere anywhere tcp dpt:ipp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP ' DROP tcp -- anywhere anywhere tcp dpt:ipp flags:SYN,RST,ACK/SYN LOG tcp -- anywhere anywhere tcp dpt:mysql flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP ' DROP tcp -- anywhere anywhere tcp dpt:mysql flags:SYN,RST,ACK/SYN LOG tcp -- anywhere anywhere state RELATED,ESTABLISHED tcp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-HiTCP ' ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED LOG udp -- anywhere anywhere udp dpt:ssh state NEW LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP ' DROP udp -- anywhere anywhere udp dpt:ssh state NEW LOG udp -- anywhere anywhere udp dpt:bootpc state NEW LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP ' DROP udp -- anywhere anywhere udp dpt:bootpc state NEW LOG udp -- anywhere anywhere udp dpt:http state NEW LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP ' DROP udp -- anywhere anywhere udp dpt:http state NEW LOG udp -- anywhere anywhere udp dpt:sunrpc state NEW LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP ' DROP udp -- anywhere anywhere udp dpt:sunrpc state NEW LOG udp -- anywhere anywhere udp dpt:sunrpc state NEW LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP ' DROP udp -- anywhere anywhere udp dpt:sunrpc state NEW LOG udp -- anywhere anywhere udp dpt:ipp state NEW LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP ' DROP udp -- anywhere anywhere udp dpt:ipp state NEW LOG udp -- anywhere anywhere udp dpt:ipp state NEW LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP ' DROP udp -- anywhere anywhere udp dpt:ipp state NEW LOG udp -- anywhere anywhere udp dpt:mysql state NEW LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP ' DROP udp -- anywhere anywhere udp dpt:mysql state NEW ACCEPT udp -- anywhere anywhere state ESTABLISHED udp dpts:61000:65095 LOG all -- anywhere anywhere LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-DEFLT ' DROP all -- anywhere anywhere Chain input_int (0 references) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT icmp -- anywhere anywhere icmp echo-request ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp echo-reply ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp destination-unreachable ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp time-exceeded ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp parameter-problem ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp timestamp-reply ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED icmp address-mask-reply LOG icmp -- anywhere anywhere LOG level warning tcp-options ip-options prefix `SFW2-INint-DROP-ICMP ' DROP icmp -- anywhere anywhere LOG tcp -- anywhere anywhere tcp dpt:ident flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INint-REJECT ' reject_func tcp -- anywhere anywhere tcp dpt:ident flags:SYN,RST,ACK/SYN LOG tcp -- anywhere anywhere state RELATED,ESTABLISHED tcp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INint-ACC-HiTCP ' ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED LOG all -- anywhere anywhere LOG level warning tcp-options ip-options prefix `SFW2-INint-DROP-DEFLT ' DROP all -- anywhere anywhere Chain reject_func (3 references) target prot opt source destination REJECT tcp -- anywhere anywhere reject-with tcp-reset REJECT udp -- anywhere anywhere reject-with icmp-port-unreachable REJECT all -- anywhere anywhere reject-with icmp-proto-unreachable ---------------------------------------------- Kann man daraus erkennen, wo's hakt? (Ich kann das leider nicht.) Vielen Dank! Birgit Kellner