[plug] iptables questions

Fred Janon fjanon at yahoo.com
Wed Sep 29 17:29:12 WST 2010 

$ ping localhost
PING localhost (127.0.0.1) 56(84) bytes of data.
64 bytes from localhost (127.0.0.1): icmp_seq=1 ttl=64 time=0.028 ms
64 bytes from localhost (127.0.0.1): icmp_seq=2 ttl=64 time=0.029 ms

The server is on an EC2 Amazon server in the US and I am trying to traceroute it from here with my ISP and the Amazon firewall in the middle, with an ocean in between.

Thanks

Fred

--- On Wed, 9/29/10, William Kenworthy <billk at iinet.net.au> wrote:

From: William Kenworthy <billk at iinet.net.au>
Subject: Re: [plug] iptables questions
To: plug at plug.org.au
Date: Wednesday, September 29, 2010, 5:21 PM

On Wed, 2010-09-29 at 02:09 -0700, Fred Janon wrote:
> The server has another IP from the WAN that I am using to test.
> 
> Thanks
> 
> Fred
> 
> --- On Wed, 9/29/10, Daniel Pittman <daniel at rimspace.net> wrote:
>         
>         From: Daniel Pittman <daniel at rimspace.net>
>         Subject: Re: [plug] iptables questions
>         To: plug at plug.org.au
>         Date: Wednesday, September 29, 2010, 5:02 PM
>         
>         Fred Janon <fjanon at yahoo.com> writes:
>         
>         > I am trying to understand how iptables work.
>         
>         [...]
>         
>         > After some research, I did this to try to enable PINGs. The
>         server IP is
>         > 10.161.82.237
>         
>         [...]
>         
>         > The tracert or ping still time out.
>         
>         ...er, and just to check: you *are* doing your testing from
>         the same local
>         network as the server, not trying to reach it over the
>         Internet, right?
>         
>         I ask, because the 10/8 range is a "private use" allocation,
>         and isn't going
>         to be routed by your ISP or anything.
>         
>                 Daniel
>         -- 
>         ✣ Daniel Pittman            ✉ daniel at rimspace.net            ☎
>         +61 401 155 707
>                        ♽ made with 100 percent post-consumer electrons
>         _______________________________________________
>         PLUG discussion list: plug at plug.org.au
>         http://www.plug.org.au/mailman/listinfo/plug
>         Committee e-mail: committee at plug.linux.org.au
>         
> _______________________________________________
> PLUG discussion list: plug at plug.org.au
> http://www.plug.org.au/mailman/listinfo/plug
> Committee e-mail: committee at plug.linux.org.au

Perhaps a bit more detail? ... WAN implies a non-local destination -
firewalls, routing and whole lot of things that can get in the way.  Are
you on a LAN or a WAN?  And no VPN or tun/tap interfaces involved?

As a starter, can you ping your own localhost and the LAN interface from
the machine itself.

Does the server have a firewall? Try the ping to localhost and network
interface on the server from the server.

tcptraceroute is useful for non-local destinations with "things in the
way".  Daniel is right in that traceroute uses UDP but thats for probes
- ICMP is used as well, or optionally all ICMP.

BillK


_______________________________________________
PLUG discussion list: plug at plug.org.au
http://www.plug.org.au/mailman/listinfo/plug
Committee e-mail: committee at plug.linux.org.au
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.plug.org.au/pipermail/plug/attachments/20100929/b76e662e/attachment.html>

More information about the plug mailing list