John Summerfield wrote:
Taylan Yetkin wrote:
Both ping and traceroute the host from fermi machines returns
success. I need some time to understand the use of tcpdump.
thanks,
Taylan
There's a fair chance there's a problematic firewall rule. Some examples
that can confuse the issue.
I can reach (ping) that host from here. Here's is what tcpdump shows me
when I telnet to it:
08:35:27.548153 IP neutralino.physics.uiowa.edu >
dsl-58-6-192-22.wa.westnet.com.au: icmp 68: host
neutralino.physics.uiowa.edu unreachable - admin prohibited
I interpret this as a firewall difficulty, the firewall is rejecting the
traffic with the excuse "icmp-admin-prohibited" which seems fairly sensible.
Same if I try port 25.
smtp connexions from some locations to my gateway are forward using a
DNAT rule to an internal system. If the internal system's down, a "host
unreachable" response goes back, but ping and traceroute would work.
When an unwelcome packet arrives at my gateway, I can choose to ignore
it (DROP in iptables) or REJECT it. If I REJECT, I can add the excuse
"icmp-host-unreachable."
A good start with tcpdump is something like this:
tcpdump -i eth0 -s 8888 host cvs-server
or use wireshark which has the same abilities and a GUI to guide the
beginner.
--
Cheers
John
-- spambait
[EMAIL PROTECTED] [EMAIL PROTECTED]
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375
You cannot reply off-list:-)
