On 04/16/10 11:24, Per Jessen wrote:
Sinisa wrote:
On 04/16/10 10:08, Per Jessen wrote:
Siniša Bandin wrote:
The strangest thing is that when I run tcpdump in one window, and ping (or anything else) in another, tcpdump shows that traffic is going out (ARP request) and that ARP reply is coming back in, but the rest of the system seems to just ignore it.
Do you also see the ICMP packets and does the target machine see them?
Well, yes, now that I think of it, my machine learns target machine's MAC and then starts sending ICMP packets, and tcpdump shows that replies are coming back, but ping shows nothing.
That's a very key bit of information. We now know that address resoltuion is working, that ICMP packets are sent AND received. Presumably your ping just show timeouts? It sounds very much like a firewall issue - what does 'iptables --list -n' show?
Also, when I try to access problematic machine from other host, I can see packets coming in (in tcpdump) but no reply from services on my system (normaly I have at least ssh, openvpn and named running at all times)
Firewall.
Suse firewall is disabled (I never use it anyway), and my custom firewall script is disabled also. # iptables -L -n Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination # iptables -L -n -t nat Chain PREROUTING (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination You have mail in /var/mail/root # iptables -L -n -t mangle Chain PREROUTING (policy ACCEPT) target prot opt source destination Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination # iptables -L -n -t filter Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org