On Mon 06 Jun 2016 at 18:38:55 (+0200), Norbert Kiszka wrote: > Dnia 2016-06-06, pon o godzinie 11:26 -0500, David Wright pisze: > > On Mon 06 Jun 2016 at 18:11:27 (+0200), Norbert Kiszka wrote: > > > Dnia 2016-06-06, pon o godzinie 11:00 -0500, David Wright pisze: > > > > On Mon 06 Jun 2016 at 15:27:16 (+0000), Mark Fletcher wrote: > > > > > On Mon, 6 Jun 2016 at 23:15, Santiago Vila <sanv...@unex.es> wrote: > > > > > > > > > > > On Mon, Jun 06, 2016 at 10:06:54AM +1200, Jan Bakuwel wrote: > > > > > > > Check your firewall rules. > > > > > > > > > > > > It can't be firewall rules. Try this to block outgoing ping: > > > > > > > > > > > > iptables -A OUTPUT -p icmp --icmp-type echo-request -j REJECT > > > > > > > > > > > > then try to ping anywhere. You will get a different error message, > > > > > > namely "Destination Port Unreachable". > > > > > > > > > > > > [ Why people do not read all messages in the thread before answering > > > > > > is a mystery to me ]. > > > > > > > > > No, that's not true, you definitely can get this very error due to > > > > > something to do with the firewall, maybe it's not able to resolve the > > > > > ping > > > > > target rather than not able to reach the resulting host, I'm damned > > > > > if I > > > > > can remember the specifics but I've definitely seen this happen on an > > > > > lfs > > > > > box before and it was nothing to do with perms (as I said before, to > > > > > your > > > > > point about people not reading the whole thread...) > > > > > > > > I don't understand this argument. > > > > > > > > Why would ping bother to open a socket to a host it couldn't resolve? > > > > > > > > I know precious little about firewall rules, but AIUI the rules > > > > determine whether to respond with things like Drop, Reject, Deny. > > > > Now the OP didn't manage to open a socket; that's in the error message: > > > > "ping: icmp open socket: Operation not permitted" > > > > So how would ping find out how the firewall was going to react to its > > > > ping message without opening a socket to send something? > > > > > > Did You change linux kernel, kernel modules or something lastly? > > > > I now know even less about what you're talking about. I don't have a > > problem. I have easily duplicated the OP's error message in the > > following way: > > > > $ cp -ip /bin/ping /tmp > > $ /tmp/ping alum.local > > ping: icmp open socket: Operation not permitted > > $ /sbin/getcap /tmp/ping > > $ /sbin/getcap /bin/ping > > /bin/ping = cap_net_raw+ep > > $ > > > > That's jessie. On wheezy: > > > > $ ls -l /bin/ping /tmp/ping > > -rwsr-xr-x 1 root root 31104 Apr 12 2011 /bin/ping > > -rwxr-xr-x 1 david david 31104 Apr 12 2011 /tmp/ping > > Show output of those commands: > > # iptables -L > # lsmod > $ uname -a > $ cat /etc/issue
Gladly, though I think you're taking an unhealthy interest in *my* machine. # /sbin/iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination # Bear in mind that I rebooted after making the change posted in this thread, so that change is lost. $ lsmod Module Size Used by iptable_filter 12488 0 ip_tables 16975 1 iptable_filter x_tables 17978 2 ip_tables,iptable_filter ctr 12807 2 ccm 17361 2 snd_hrtimer 12540 1 snd_seq_midi 12744 0 snd_seq_midi_event 13124 1 snd_seq_midi snd_rawmidi 22372 1 snd_seq_midi snd_seq 51562 3 snd_seq_midi_event,snd_seq_midi snd_seq_device 12980 3 snd_seq,snd_rawmidi,snd_seq_midi bnep 17184 2 cpufreq_powersave 12422 0 cpufreq_userspace 12477 0 cpufreq_conservative 13872 0 cpufreq_stats 12694 0 nfsd 236959 2 auth_rpcgss 45765 1 nfsd oid_registry 12387 1 auth_rpcgss nfs_acl 12463 1 nfsd nfs 168022 0 lockd 73443 2 nfs,nfsd fscache 44782 1 nfs sunrpc 211341 6 nfs,nfsd,auth_rpcgss,lockd,nfs_acl joydev 16847 0 ecb 12649 1 btusb 25417 0 bluetooth 340064 21 bnep,btusb 6lowpan_iphc 16548 1 bluetooth iTCO_wdt 12727 0 iTCO_vendor_support 12585 1 iTCO_wdt snd_hda_codec_idt 48266 1 snd_hda_codec_generic 58021 2 snd_hda_codec_idt arc4 12480 2 dell_wmi 12437 0 sparse_keymap 12730 1 dell_wmi tg3 154678 0 iwl3945 53405 0 iwlegacy 53921 1 iwl3945 mac80211 425575 2 iwl3945,iwlegacy snd_hda_intel 26023 0 ptp 17462 1 tg3 coretemp 12708 0 pps_core 17080 1 ptp libphy 27468 1 tg3 snd_hda_controller 26262 1 snd_hda_intel sdhci_pci 17697 0 snd_hda_codec 93797 4 snd_hda_codec_idt,snd_hda_codec_generic,snd_hda_intel,snd_hda_controller cfg80211 350041 3 iwl3945,iwlegacy,mac80211 sdhci 34721 1 sdhci_pci kvm 330411 0 pcmcia 44245 0 dell_laptop 16941 0 mmc_core 91803 2 sdhci,sdhci_pci yenta_socket 38561 0 snd_hwdep 12906 1 snd_hda_codec rfkill 18387 5 cfg80211,bluetooth,dell_laptop psmouse 93505 0 snd_pcm_oss 44124 0 firewire_ohci 34856 0 dcdbas 13087 1 dell_laptop pcmcia_rsrc 17292 1 yenta_socket sg 25573 0 i2c_i801 16845 0 serio_raw 12737 0 snd_mixer_oss 21822 1 snd_pcm_oss lpc_ich 16616 0 mfd_core 12537 1 lpc_ich pcmcia_core 18024 3 pcmcia,pcmcia_rsrc,yenta_socket uhci_hcd 38948 0 snd_pcm 78128 4 snd_pcm_oss,snd_hda_codec,snd_hda_intel,snd_hda_controller shpchp 30673 0 ehci_pci 12464 0 tpm_tis 17063 0 snd_timer 26105 3 snd_hrtimer,snd_pcm,snd_seq snd 55101 13 snd_pcm_oss,snd_hwdep,snd_timer,snd_hda_codec_idt,snd_pcm,snd_seq,snd_rawmidi,snd_hda_codec_generic,snd_hda_codec,snd_hda_intel,snd_seq_device,snd_mixer_oss rng_core 12645 0 ehci_hcd 64933 1 ehci_pci tpm 26879 1 tpm_tis usbcore 171098 4 btusb,uhci_hcd,ehci_hcd,ehci_pci usb_common 12408 1 usbcore soundcore 12890 2 snd,snd_hda_codec wmi 17147 1 dell_wmi evdev 17136 4 battery 13164 0 ac 12627 0 acpi_cpufreq 17050 0 processor 27590 3 acpi_cpufreq binfmt_misc 12733 1 loop 21987 0 firewire_sbp2 17533 0 firewire_core 51113 2 firewire_ohci,firewire_sbp2 crc_itu_t 12331 1 firewire_core fuse 77496 1 parport_pc 26004 0 ppdev 16686 0 lp 12766 0 parport 35213 3 lp,ppdev,parport_pc autofs4 34865 2 ext4 438464 3 crc16 12327 2 ext4,bluetooth mbcache 17027 1 ext4 jbd2 72964 1 ext4 sd_mod 43684 5 crc_t10dif 12399 1 sd_mod crct10dif_generic 12517 1 crct10dif_common 12340 2 crct10dif_generic,crc_t10dif ata_generic 12450 0 ata_piix 29371 4 libata 161908 2 ata_generic,ata_piix scsi_mod 164132 4 sg,libata,sd_mod,firewire_sbp2 i915 762655 1 i2c_algo_bit 12647 1 i915 drm_kms_helper 44450 1 i915 video 17763 1 i915 thermal 17343 0 button 12824 1 i915 drm 207686 3 i915,drm_kms_helper i2c_core 36838 5 drm,i915,i2c_i801,drm_kms_helper,i2c_algo_bit thermal_sys 27122 3 video,thermal,processor $ Why root? $ uname -a Linux west 3.16.0-4-686-pae #1 SMP Debian 3.16.7-ckt25-2 (2016-04-08) i686 GNU/Linux $ cat /etc/issue Debian GNU/Linux 8 \n \l $ I don't think you'll learn much from that lot, but happy to oblige. Cheers, David.
