On 2002.01.02 22:19 Jor-el wrote: > The hostnames in your prev. post were truncated and it was hard to guess > how the routing was setup. > Here is an easier to read routing table: Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 216.86.213.93 0.0.0.0 255.255.255.255 UH 0 0 0 eth0 216.86.213.94 0.0.0.0 255.255.255.255 UH 0 0 0 eth0 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 216.86.213.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 0.0.0.0 216.86.213.1 0.0.0.0 UG 1 0 0 eth0
> Also try the following : from B / C, do > 1. traceroute A > 2. traceroute A -s C > traceroute A works as expected. However traceroute A -s C results in: 1 traceroute: wrote 24.52.153.102 38 chars, ret=-1 *traceroute: wrote 24.52.153.102 38 chars, ret=-1 *traceroute: wrote 24.52.153.102 38 chars, ret=-1 Note: each of the above lines were preceded by: traceroute: sendto: Operation not permitted which for somereason wasn't included in the output of traceroute A -s C > traceroute I've noticed this on a few other procedures I've tried to do, but it isn't really that big of a deal to add the other information. But I know there is a way to capture the screen, I just don't know how to do it. > On A, monitor the traffic using a filter for src = A or dst = A > and post the results. I don't think that I can do this. A is a D-Link Wireless cable modem/dsl router. I tried it anyway and didn't pick up anything from things that I know work. > > > Jan 2 15:23:46 hostname kernel: Packet log: input DENY eth0 PROTO=1 > > MACHINEA:8 IPADDRC:0 L=92 S=0x00 I=0 F=0x4000 T=43 (#9) > > > I dont know what this log entry means. Its possible that you have > a firewall problem but your symptoms are more indicative of a routing > problem. Perhaps the output of 'ipchains -L -v -n' would help (Note: I > run > iptables and I'm guessing that its options are similar to ipchains. The > -n > will produce numeric, rather than symbolic output). > That worked just fine, here is the output: Chain input (policy ACCEPT: 0 packets, 0 bytes): pkts bytes target prot opt tosa tosx ifname mark outsize source destination ports 39536 3757K ACCEPT all ------ 0xFF 0x00 lo 0.0.0.0/0 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 !lo 127.0.0.0/8 0.0.0.0/0 n/a 89474 7888K ACCEPT all ------ 0xFF 0x00 eth0 216.86.213.0/24 0.0.0.0/0 n/a 204K 21M ACCEPT all ------ 0xFF 0x00 eth1 192.168.0.0/24 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 216.86.213.0/24 0.0.0.0/0 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 192.168.0.0/24 0.0.0.0/0 n/a 234K 189M ACCEPT all ------ 0xFF 0x00 eth0 0.0.0.0/0 216.86.213.93 n/a 0 0 ACCEPT all ------ 0xFF 0x00 eth0 0.0.0.0/0 216.86.213.255 n/a 17858 1487K DENY all ----l- 0xFF 0x00 * 0.0.0.0/0 0.0.0.0/0 n/a Chain forward (policy DENY: 0 packets, 0 bytes): pkts bytes target prot opt tosa tosx ifname mark outsize source destination ports 0 0 MASQ all ------ 0xFF 0x00 eth0 192.168.0.2 0.0.0.0/0 n/a 0 0 MASQ all ------ 0xFF 0x00 eth0 192.168.0.21 0.0.0.0/0 n/a 4464 690K MASQ all ------ 0xFF 0x00 eth0 192.168.0.22 0.0.0.0/0 n/a 443 66229 MASQ all ------ 0xFF 0x00 eth0 192.168.0.23 0.0.0.0/0 n/a 257 38564 MASQ all ------ 0xFF 0x00 eth0 192.168.0.24 0.0.0.0/0 n/a 58 4837 MASQ all ------ 0xFF 0x00 eth0 192.168.0.25 0.0.0.0/0 n/a 0 0 MASQ all ------ 0xFF 0x00 eth0 192.168.0.26 0.0.0.0/0 n/a 2606 571K MASQ all ------ 0xFF 0x00 eth0 192.168.0.27 0.0.0.0/0 n/a 2641 367K MASQ all ------ 0xFF 0x00 eth0 192.168.0.28 0.0.0.0/0 n/a 0 0 MASQ all ------ 0xFF 0x00 eth0 192.168.0.254 0.0.0.0/0 n/a Chain output (policy ACCEPT: 0 packets, 0 bytes): pkts bytes target prot opt tosa tosx ifname mark outsize source destination ports 39536 3757K ACCEPT all ------ 0xFF 0x00 lo 0.0.0.0/0 0.0.0.0/0 n/a 89476 7888K ACCEPT all ------ 0xFF 0x00 eth0 0.0.0.0/0 216.86.213.0/24 n/a 0 0 ACCEPT !tcp ------ 0xFF 0x00 eth0 0.0.0.0/0 224.0.0.0/4 * -> * 229K 187M ACCEPT all ------ 0xFF 0x00 eth1 0.0.0.0/0 192.168.0.0/24 n/a 0 0 ACCEPT !tcp ------ 0xFF 0x00 eth1 0.0.0.0/0 224.0.0.0/4 * -> * 0 0 DENY all ----l- 0xFF 0x00 eth0 0.0.0.0/0 216.86.213.0/24 n/a 0 0 DENY all ----l- 0xFF 0x00 eth0 0.0.0.0/0 192.168.0.0/24 n/a 168K 14M ACCEPT all ------ 0xFF 0x00 eth0 216.86.213.93 0.0.0.0/0 n/a 0 0 ACCEPT all ------ 0xFF 0x00 eth0 216.86.213.255 0.0.0.0/0 n/a 11 418 DENY all ----l- 0xFF 0x00 * 0.0.0.0/0 0.0.0.0/0 n/a Thanks for the help so far, hopefully this will give you, or someone else some ideas. Chad