Dnia 2016-06-06, pon o godzinie 12:00 -0500, David Wright pisze: > On Mon 06 Jun 2016 at 18:38:55 (+0200), Norbert Kiszka wrote: > > Dnia 2016-06-06, pon o godzinie 11:26 -0500, David Wright pisze: > > > On Mon 06 Jun 2016 at 18:11:27 (+0200), Norbert Kiszka wrote: > > > > Dnia 2016-06-06, pon o godzinie 11:00 -0500, David Wright pisze: > > > > > On Mon 06 Jun 2016 at 15:27:16 (+0000), Mark Fletcher wrote: > > > > > > On Mon, 6 Jun 2016 at 23:15, Santiago Vila <sanv...@unex.es> wrote: > > > > > > > > > > > > > On Mon, Jun 06, 2016 at 10:06:54AM +1200, Jan Bakuwel wrote: > > > > > > > > Check your firewall rules. > > > > > > > > > > > > > > It can't be firewall rules. Try this to block outgoing ping: > > > > > > > > > > > > > > iptables -A OUTPUT -p icmp --icmp-type echo-request -j REJECT > > > > > > > > > > > > > > then try to ping anywhere. You will get a different error message, > > > > > > > namely "Destination Port Unreachable". > > > > > > > > > > > > > > [ Why people do not read all messages in the thread before > > > > > > > answering > > > > > > > is a mystery to me ]. > > > > > > > > > > > No, that's not true, you definitely can get this very error due to > > > > > > something to do with the firewall, maybe it's not able to resolve > > > > > > the ping > > > > > > target rather than not able to reach the resulting host, I'm damned > > > > > > if I > > > > > > can remember the specifics but I've definitely seen this happen on > > > > > > an lfs > > > > > > box before and it was nothing to do with perms (as I said before, > > > > > > to your > > > > > > point about people not reading the whole thread...) > > > > > > > > > > I don't understand this argument. > > > > > > > > > > Why would ping bother to open a socket to a host it couldn't resolve? > > > > > > > > > > I know precious little about firewall rules, but AIUI the rules > > > > > determine whether to respond with things like Drop, Reject, Deny. > > > > > Now the OP didn't manage to open a socket; that's in the error > > > > > message: > > > > > "ping: icmp open socket: Operation not permitted" > > > > > So how would ping find out how the firewall was going to react to its > > > > > ping message without opening a socket to send something? > > > > > > > > Did You change linux kernel, kernel modules or something lastly? > > > > > > I now know even less about what you're talking about. I don't have a > > > problem. I have easily duplicated the OP's error message in the > > > following way: > > > > > > $ cp -ip /bin/ping /tmp > > > $ /tmp/ping alum.local > > > ping: icmp open socket: Operation not permitted > > > $ /sbin/getcap /tmp/ping > > > $ /sbin/getcap /bin/ping > > > /bin/ping = cap_net_raw+ep > > > $ > > > > > > That's jessie. On wheezy: > > > > > > $ ls -l /bin/ping /tmp/ping > > > -rwsr-xr-x 1 root root 31104 Apr 12 2011 /bin/ping > > > -rwxr-xr-x 1 david david 31104 Apr 12 2011 /tmp/ping > > > > Show output of those commands: > > > > # iptables -L > > # lsmod > > $ uname -a > > $ cat /etc/issue > > Gladly, though I think you're taking an unhealthy interest in *my* machine. > > # /sbin/iptables -L > Chain INPUT (policy ACCEPT) > target prot opt source destination > > Chain FORWARD (policy ACCEPT) > target prot opt source destination > > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > # > > Bear in mind that I rebooted after making the change posted in this thread, > so that change is lost. > > $ lsmod > Module Size Used by > iptable_filter 12488 0 > ip_tables 16975 1 iptable_filter > x_tables 17978 2 ip_tables,iptable_filter > ctr 12807 2 > ccm 17361 2 > snd_hrtimer 12540 1 > snd_seq_midi 12744 0 > snd_seq_midi_event 13124 1 snd_seq_midi > snd_rawmidi 22372 1 snd_seq_midi > snd_seq 51562 3 snd_seq_midi_event,snd_seq_midi > snd_seq_device 12980 3 snd_seq,snd_rawmidi,snd_seq_midi > bnep 17184 2 > cpufreq_powersave 12422 0 > cpufreq_userspace 12477 0 > cpufreq_conservative 13872 0 > cpufreq_stats 12694 0 > nfsd 236959 2 > auth_rpcgss 45765 1 nfsd > oid_registry 12387 1 auth_rpcgss > nfs_acl 12463 1 nfsd > nfs 168022 0 > lockd 73443 2 nfs,nfsd > fscache 44782 1 nfs > sunrpc 211341 6 nfs,nfsd,auth_rpcgss,lockd,nfs_acl > joydev 16847 0 > ecb 12649 1 > btusb 25417 0 > bluetooth 340064 21 bnep,btusb > 6lowpan_iphc 16548 1 bluetooth > iTCO_wdt 12727 0 > iTCO_vendor_support 12585 1 iTCO_wdt > snd_hda_codec_idt 48266 1 > snd_hda_codec_generic 58021 2 snd_hda_codec_idt > arc4 12480 2 > dell_wmi 12437 0 > sparse_keymap 12730 1 dell_wmi > tg3 154678 0 > iwl3945 53405 0 > iwlegacy 53921 1 iwl3945 > mac80211 425575 2 iwl3945,iwlegacy > snd_hda_intel 26023 0 > ptp 17462 1 tg3 > coretemp 12708 0 > pps_core 17080 1 ptp > libphy 27468 1 tg3 > snd_hda_controller 26262 1 snd_hda_intel > sdhci_pci 17697 0 > snd_hda_codec 93797 4 > snd_hda_codec_idt,snd_hda_codec_generic,snd_hda_intel,snd_hda_controller > cfg80211 350041 3 iwl3945,iwlegacy,mac80211 > sdhci 34721 1 sdhci_pci > kvm 330411 0 > pcmcia 44245 0 > dell_laptop 16941 0 > mmc_core 91803 2 sdhci,sdhci_pci > yenta_socket 38561 0 > snd_hwdep 12906 1 snd_hda_codec > rfkill 18387 5 cfg80211,bluetooth,dell_laptop > psmouse 93505 0 > snd_pcm_oss 44124 0 > firewire_ohci 34856 0 > dcdbas 13087 1 dell_laptop > pcmcia_rsrc 17292 1 yenta_socket > sg 25573 0 > i2c_i801 16845 0 > serio_raw 12737 0 > snd_mixer_oss 21822 1 snd_pcm_oss > lpc_ich 16616 0 > mfd_core 12537 1 lpc_ich > pcmcia_core 18024 3 pcmcia,pcmcia_rsrc,yenta_socket > uhci_hcd 38948 0 > snd_pcm 78128 4 > snd_pcm_oss,snd_hda_codec,snd_hda_intel,snd_hda_controller > shpchp 30673 0 > ehci_pci 12464 0 > tpm_tis 17063 0 > snd_timer 26105 3 snd_hrtimer,snd_pcm,snd_seq > snd 55101 13 > snd_pcm_oss,snd_hwdep,snd_timer,snd_hda_codec_idt,snd_pcm,snd_seq,snd_rawmidi,snd_hda_codec_generic,snd_hda_codec,snd_hda_intel,snd_seq_device,snd_mixer_oss > rng_core 12645 0 > ehci_hcd 64933 1 ehci_pci > tpm 26879 1 tpm_tis > usbcore 171098 4 btusb,uhci_hcd,ehci_hcd,ehci_pci > usb_common 12408 1 usbcore > soundcore 12890 2 snd,snd_hda_codec > wmi 17147 1 dell_wmi > evdev 17136 4 > battery 13164 0 > ac 12627 0 > acpi_cpufreq 17050 0 > processor 27590 3 acpi_cpufreq > binfmt_misc 12733 1 > loop 21987 0 > firewire_sbp2 17533 0 > firewire_core 51113 2 firewire_ohci,firewire_sbp2 > crc_itu_t 12331 1 firewire_core > fuse 77496 1 > parport_pc 26004 0 > ppdev 16686 0 > lp 12766 0 > parport 35213 3 lp,ppdev,parport_pc > autofs4 34865 2 > ext4 438464 3 > crc16 12327 2 ext4,bluetooth > mbcache 17027 1 ext4 > jbd2 72964 1 ext4 > sd_mod 43684 5 > crc_t10dif 12399 1 sd_mod > crct10dif_generic 12517 1 > crct10dif_common 12340 2 crct10dif_generic,crc_t10dif > ata_generic 12450 0 > ata_piix 29371 4 > libata 161908 2 ata_generic,ata_piix > scsi_mod 164132 4 sg,libata,sd_mod,firewire_sbp2 > i915 762655 1 > i2c_algo_bit 12647 1 i915 > drm_kms_helper 44450 1 i915 > video 17763 1 i915 > thermal 17343 0 > button 12824 1 i915 > drm 207686 3 i915,drm_kms_helper > i2c_core 36838 5 drm,i915,i2c_i801,drm_kms_helper,i2c_algo_bit > thermal_sys 27122 3 video,thermal,processor > $ > > Why root? > > $ uname -a > Linux west 3.16.0-4-686-pae #1 SMP Debian 3.16.7-ckt25-2 (2016-04-08) i686 > GNU/Linux > $ cat /etc/issue > Debian GNU/Linux 8 \n \l > > $ > > I don't think you'll learn much from that lot, but happy to oblige. > > Cheers, > David. >
1. Did You tried another kernel? If not, maybe try from backports for first. 2. iptable_filter 12488 0 > ip_tables 16975 1 iptable_filter Little suspicious for me. What needs this modules when you have default "no rules"? BTW. You are using wifi currently? Ping to localhost doesnt works too?
