As an aside, here are some logs from the firewall. The first includes all outgoing and incoming packets, the second is just outgoing. The broken box is 10.20.30.37. In these attempts, I tried to telnet from the machine to 207.192.128.40 (an ISP in Maryland). A machine next to the one that doesn't work is 10.20.30.38 -- you can see that it connects just fine. 10.20.30.1 is the gateway and inside ip address of the firewall.
I am not an expert at looking at NETGEAR logs, but it seems to me that the firewall is not *dropping* the packets, but is not seeing them... Attempt1: Fri, 2008-08-29 07:04:27] - ICMP Packet[Router Advertisement] - Source: 10.20.30.37,LAN - Destination:10.20.30.1,WAN [Forward] - [Outbound Default rule match] [Fri, 2008-08-29 07:04:28] - ICMP Packet[Router Advertisement] - Source:10.20.30.37,LAN - Destination:10.20.30.1,WAN [Forward] - [session exists] [Fri, 2008-08-29 07:04:33] - TCP Packet - Source: 10.20.30.38,56734 ,LAN - Destination:207.192.128.40,23[TELNET] ,WAN [Forward] - [Outbound Default rule match] [Fri, 2008-08-29 07:04:36] - TCP Packet - Source: 198.232.70.10,37798 ,WAN - Destination:10.10.0.3,2223 ,LAN [Forward] - [Inbound rule match] Attempt2: [Fri, 2008-08-29 07:15:17] - ICMP Packet[Timestamp Request] - Source: 10.20.30.49,LAN - Destination:128.231.2.3,WAN [Forward] - [Outbound Default rule match] [Fri, 2008-08-29 07:15:19] - TCP Packet - Source: 10.20.30.72,41153 ,LAN - Destination:10.1.15.50,9100 ,WAN [Forward] - [Outbound Default rule match] [Fri, 2008-08-29 07:15:31] - TCP Packet - Source: 10.20.30.38,55833 ,LAN - Destination:207.192.128.40,23[TELNET] ,WAN [Forward] - [Outbound Default rule match] [Fri, 2008-08-29 07:15:36] - UDP Packet - Source: 10.20.30.37,123[NTP] ,LAN - Destination:172.16.8.110,123[NTP] ,WAN [Forward] - [Outbound Default rule match] [Fri, 2008-08-29 07:15:45] - UDP Packet - Source: 10.20.30.37,123[NTP] ,LAN - Destination:172.16.8.111,123[NTP] ,WAN [Forward] - [Outbound Default rule match] [Fri, 2008-08-29 07:15:57] - ICMP Packet[Router Solicitation] - Source: 10.20.30.40,LAN - Destination:10.20.30.1,WAN [Forward] - [Outbound Default rule match] [Fri, 2008-08-29 07:15:58] - ICMP Packet[Router Solicitation] - Source: 10.20.30.49,LAN - Destination:10.20.30.1,WAN [Forward] - [Outbound Default rule match] [Fri, 2008-08-29 07:15:58] - ICMP Packet[Router Solicitation] - Source: 10.20.30.50,LAN - Destination:10.20.30.1,WAN [Forward] - [Outbound Default rule match] [Fri, 2008-08-29 07:15:59] - ICMP Packet[Router Solicitation] - Source: 10.20.30.40,LAN - Destination:10.20.30.1,WAN [Forward] - [session exists] [Fri, 2008-08-29 07:16:00] - TCP Packet - Source: 10.20.30.39,50605 ,LAN - Destination:149.236.17.13,9100 ,WAN [Forward] - [Outbound Default rule match] [Fri, 2008-08-29 07:16:00] - ICMP Packet[Router Solicitation] - Source: 10.20.30.69,LAN - Destination:10.20.30.1,WAN [Forward] - [Outbound Default rule match] Thanks! billo On Aug 29, 10:25 am, "Jeremiah Bess" <[EMAIL PROTECTED]> wrote: > what is the firewall you are running on the network? > > Jeremiah E. Bess > Network Ninja, Penguin Geek, Father of four > > On Fri, Aug 29, 2008 at 7:52 AM, billo <[EMAIL PROTECTED]> wrote: > > > My previous reply doesn't seem to have made it here yet. I'll repost > > it if necessary, but here's some more info. The tcpdump looks OK. > > Here's a telnet attempt: > > > 08:45:27.779256 myplace.com.32849 > otherplace.com.telnet: SWE [tcp > > sum ok] 3162274411:3162274411(0) win 5840 <mss 1460,sackOK,timestamp > > 73038709 0,nop,wscale 0> (DF) [tos 0x10] (ttl 64, id 286, len 60) > > 08:45:30.781473 myplace.com.32849 > otherplace.com.telnet: SWE [tcp > > sum ok] 3162274411:3162274411(0) win 5840 <mss 1460,sackOK,timestamp > > 73041782 0,nop,wscale 0> (DF) [tos 0x10] (ttl 64, id 287, len 60) > > ... > > and on and on > > > I don't know how to check to make sure it's hitting the gateway, but I > > do know that it is set correctly. netstat -rn shows the correct > > gateway, and /etc/sysconfig/network-scripts/ifcfg-eth0 is: > > > DEVICE=eth0 > > ONBOOT=yes > > BOOTPROTO=none > > TYPE=Ethernet > > NETMASK=255.255.255.0 > > IPADDR=10.20.30.37 > > USERCTL=no > > PEERDNS=yes > > GATEWAY=10.20.30.1 <---- correct ! > > DOMAIN=myplace.com > > > netstat -rn shows: > > > Kernel IP routing table > > Destination Gateway Genmask Flags MSS Window > > irtt Iface > > 10.20.30.0 0.0.0.0 255.255.255.0 U 0 0 > > 0 eth0 > > 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 > > 0 eth0 > > 0.0.0.0 10.20.30.1 0.0.0.0 UG 0 0 > > 0 eth0 > > > Both of these are identical to that in machines that work (with the > > exception of the box ip address, of course). > > > billo --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Linux Users Group. To post a message, send email to [email protected] To unsubscribe, send email to [EMAIL PROTECTED] For more options, visit our group at http://groups.google.com/group/linuxusersgroup -~----------~----~----~----~------~----~------~--~---
