[plug] iptables questions

William Kenworthy billk at iinet.net.au
Wed Sep 29 17:21:29 WST 2010 

On Wed, 2010-09-29 at 02:09 -0700, Fred Janon wrote:
> The server has another IP from the WAN that I am using to test.
> 
> Thanks
> 
> Fred
> 
> --- On Wed, 9/29/10, Daniel Pittman <daniel at rimspace.net> wrote:
>         
>         From: Daniel Pittman <daniel at rimspace.net>
>         Subject: Re: [plug] iptables questions
>         To: plug at plug.org.au
>         Date: Wednesday, September 29, 2010, 5:02 PM
>         
>         Fred Janon <fjanon at yahoo.com> writes:
>         
>         > I am trying to understand how iptables work.
>         
>         [...]
>         
>         > After some research, I did this to try to enable PINGs. The
>         server IP is
>         > 10.161.82.237
>         
>         [...]
>         
>         > The tracert or ping still time out.
>         
>         ...er, and just to check: you *are* doing your testing from
>         the same local
>         network as the server, not trying to reach it over the
>         Internet, right?
>         
>         I ask, because the 10/8 range is a "private use" allocation,
>         and isn't going
>         to be routed by your ISP or anything.
>         
>                 Daniel
>         -- 
>         ✣ Daniel Pittman            ✉ daniel at rimspace.net>         +61 401 155 707
>                        ♽ made with 100 percent post-consumer electrons
>         _______________________________________________
>         PLUG discussion list: plug at plug.org.au
>         http://www.plug.org.au/mailman/listinfo/plug
>         Committee e-mail: committee at plug.linux.org.au
>         
> _______________________________________________
> PLUG discussion list: plug at plug.org.au
> http://www.plug.org.au/mailman/listinfo/plug
> Committee e-mail: committee at plug.linux.org.au

Perhaps a bit more detail? ... WAN implies a non-local destination -
firewalls, routing and whole lot of things that can get in the way.  Are
you on a LAN or a WAN?  And no VPN or tun/tap interfaces involved?

As a starter, can you ping your own localhost and the LAN interface from
the machine itself.

Does the server have a firewall? Try the ping to localhost and network
interface on the server from the server.

tcptraceroute is useful for non-local destinations with "things in the
way".  Daniel is right in that traceroute uses UDP but thats for probes
- ICMP is used as well, or optionally all ICMP.

BillK

More information about the plug mailing list