Fedora Linux Support Community & Resources Center
  #1  
Old 2nd May 2008, 02:53 AM
khandu Offline
Registered User
 
Join Date: Jul 2004
Posts: 33
Talking Cant Ping but Internet works : FUNNY

Hi

I have updated FC8 to latest. Funny part is that internet is working fine and everything is fine

But ping / tracert etc fails.. dont give any reply from any website

Ping to localhost works fine...

Someone help me regarding this
Reply With Quote
  #2  
Old 2nd May 2008, 03:05 AM
wrhansen Offline
Registered User
 
Join Date: Sep 2005
Location: Holland, MI
Age: 28
Posts: 28
Can you ping your router? Maybe it doesn't have ping enabled?!?

/Edit Also you may want to use wireshark while pinging to get an idea of what's happening
__________________
Registered Linux User: #448637
Reply With Quote
  #3  
Old 2nd May 2008, 03:05 AM
juanfgs Offline
Registered User
 
Join Date: Mar 2008
Location: Entre Rios, Argentina
Posts: 166
Sounds strange.
Check your firewall rules (via the GUI or iptables -L)
__________________
I'm back... again...
Reply With Quote
  #4  
Old 2nd May 2008, 03:44 AM
Hlingler Offline
Administrator
 
Join Date: Sep 2006
Location: Connellsville, PA, USA
Posts: 11,291
I can't ping anything anywhere either, but that's because I have the firewall set to block pings.

V
Reply With Quote
  #5  
Old 4th May 2008, 04:30 AM
khandu Offline
Registered User
 
Join Date: Jul 2004
Posts: 33
I have this in iptables

Quote:
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -i eth0 -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 1812 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 1813 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 138 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 445 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A FORWARD -p icmp --icmp-type any -j ACCEPT
-A FORWARD -i lo -j ACCEPT
-A FORWARD -i eth0 -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
pinging google gives

Quote:
[root@localhost ~]# ping www.google.com
PING www.google.com (74.125.19.103) 56(84) bytes of data.

--- www.google.com ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 1001ms
But wireshark gives

Quote:
590 510.345431 192.168.197.131 74.125.19.103 ICMP Echo (ping) request
Reply With Quote
  #6  
Old 4th May 2008, 04:36 AM
Hlingler Offline
Administrator
 
Join Date: Sep 2006
Location: Connellsville, PA, USA
Posts: 11,291
Quote:
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
I'm not an IPTables/firewall expert by a longshot, but it sure looks like you have ICMP ("pinging") prohibited.

V
Reply With Quote
  #7  
Old 4th May 2008, 02:23 PM
LDC Offline
Registered User
 
Join Date: Mar 2008
Posts: 986
if you have a router with an hardware firewall, is there any sense in having also the software firewall enabled? ^^;
__________________
Money couldn't buy friends, but you get a better class of enemy.

Linux Registered User #476391
Reply With Quote
  #8  
Old 4th May 2008, 04:07 PM
urzasrage Offline
Registered User
 
Join Date: Aug 2005
Location: California
Posts: 188
Quote:
Originally Posted by LDC
if you have a router with an hardware firewall, is there any sense in having also the software firewall enabled? ^^;
Multi-layered defense.
__________________
"I have not failed 700 times. I have not failed once. I have succeeded in proving that those 700 ways will not work. When I have eliminated the ways that will not work, I will find the way that will work."
- Edison

It's Gnu/Linux not Linux.

Reply With Quote
  #9  
Old 4th May 2008, 04:56 PM
LDC Offline
Registered User
 
Join Date: Mar 2008
Posts: 986
in a home user environment?
__________________
Money couldn't buy friends, but you get a better class of enemy.

Linux Registered User #476391
Reply With Quote
  #10  
Old 4th May 2008, 05:38 PM
notageek Offline
Registered User
 
Join Date: Jan 2008
Location: New Delhi, India
Posts: 2,068
I know sometime back google blocked ping requests to itself, try websites like (well... try other websites )
__________________
Robot Nite - Designated device drivers drink free
Reply With Quote
  #11  
Old 4th May 2008, 10:30 PM
stevea Online
Registered User
 
Join Date: Apr 2006
Location: Ohio, USA
Posts: 8,556
[stevea@nidula ~]# ping google.com
PING google.com (64.233.167.99) 56(84) bytes of data.
64 bytes from py-in-f99.google.com (64.233.167.99): icmp_seq=1 ttl=241 time=39.3 ms
64 bytes from py-in-f99.google.com (64.233.167.99): icmp_seq=2 ttl=241 time=34.4 ms


I believe it was some other major web presence, not google or yahoo. You can alway telnet to port 80 on any website to test connectivity.

I'm with LDC. Unless you distrust the ppl behind your router, or the ones you allow through your router, then the extra firewalling isn't desirable.

Last edited by stevea; 4th May 2008 at 10:32 PM.
Reply With Quote
  #12  
Old 5th May 2008, 08:03 AM
khandu Offline
Registered User
 
Join Date: Jul 2004
Posts: 33
Hmm.. i m using vmware with vista and FC8 as host

before updating it it was working fine.. updating FC8 I mean.. but now I cannot ping ANY website..

vista pings.. so not the router problem..

its a home environment.. FC8 firewall is just on to just test some things..
Reply With Quote
Reply

Tags
funny, internet, ping, works

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
If you can ping but almost nothing else (including yum) works scottro Guides & Solutions (No Questions) 3 6th August 2009 11:15 PM
can't ping external IPs (no firewall, web works) progressive Servers & Networking 3 19th June 2009 07:20 PM
Ping Works, but not firefox WhiteFeather Servers & Networking 4 10th April 2009 01:21 AM
ping works but can't get internet. please help razvan_vlad Servers & Networking 8 28th January 2007 01:41 AM
Server crashes and only thing that works is PING - FC3 : 2.6.12-1.1381_FC3 Shade Servers & Networking 3 25th July 2006 09:45 AM


Current GMT-time: 19:37 (Thursday, 24-04-2014)

TopSubscribe to XML RSS for all Threads in all ForumsFedoraForumDotOrg Archive
logo

All trademarks, and forum posts in this site are property of their respective owner(s).
FedoraForum.org is privately owned and is not directly sponsored by the Fedora Project or Red Hat, Inc.

Privacy Policy | Term of Use | Posting Guidelines | Archive | Contact Us | Founding Members

Powered by vBulletin® Copyright ©2000 - 2012, vBulletin Solutions, Inc.

FedoraForum is Powered by RedHat