Can't access admin pages on my linksys FW since upgrading to woody + 2.4 kernel, TCP RESET set on return packet
I don't know much about networking and this is probably the wrong forum, but here's my situation. After upgrading to deb woody +
2.4 kernel, i can't telnet to port 80 on my router where the web admin pages are.
This used to work under 2.2 and potato. I don't think i can revert back b/c I've added a new giant drive which won't boot under
2.2.
Anyhow, if i drop a windows box on the network, it can hit the admin page just fine (this is a linksys befsr41 fw that uses web
based admin). When i try to connect from the linux box with a browser or telnet to port 80, i get nothing. The return packet from
the linksys has its TCP reset flag set, which sounds bad.
The linux box has two ip's on this subnet, one static and one dhcp'ed from the linksys. I've tried disabling the static -- that
doesn't help + it worked fine under the 2.2 kernel.
But, the router works fine. I can "telnet www.yahoo.com 80" from the linux box and the linksys acts as a gateway just fine. ICMP
ping to the linksys is also fine.
Any help would be greatly appreciated.
-scott
>From windows "arp -a"
=====================
Interface: 192.168.1.102 on Interface 0x2
Internet Address Physical Address Type
192.168.1.5 00-c0-f0-5a-ba-24 dynamic
192.168.1.101 00-c0-f0-5a-ba-24 dynamic
>From linux "telnet linksys 80"
==============================
Trying 192.168.1.1...
telnet: Unable to connect to remote host: Connection refused
My outbound packet is
==========================================================
Frame 816 (74 on wire, 74 captured)
Arrival Time: Apr 15, 2003 23:13:30.110748000
Time delta from previous packet: 0.002321000 seconds
Time relative to first packet: 1.216612000 seconds
Frame Number: 816
Packet Length: 74 bytes
Capture Length: 74 bytes
Ethernet II
Destination: 00:20:78:d6:5b:7d (Runtop_d6:5b:7d)
Source: 00:c0:f0:5a:ba:24 (Kingston_5a:ba:24)
Type: IP (0x0800)
Internet Protocol, Src Addr: 192.168.1.101 (192.168.1.101), Dst Addr: linksys (192.168.1.1)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x10 (DSCP 0x04: Unknown DSCP; ECN: 0x00)
0001 00.. = Differentiated Services Codepoint: Unknown (0x04)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 60
Identification: 0x0a59
Flags: 0x04
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0xac9c (correct)
Source: 192.168.1.101 (192.168.1.101)
Destination: linksys (192.168.1.1)
Transmission Control Protocol, Src Port: 33565 (33565), Dst Port: www (80), Seq: 2089274685, Ack
: 0, Len: 0
Source port: 33565 (33565)
Destination port: www (80)
Sequence number: 2089274685
Header length: 40 bytes
Flags: 0x00c2 (SYN, ECN, CWR)
1... .... = Congestion Window Reduced (CWR): Set
.1.. .... = ECN-Echo: Set
..0. .... = Urgent: Not set
...0 .... = Acknowledgment: Not set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..1. = Syn: Set
.... ...0 = Fin: Not set
Window size: 5840
Checksum: 0x16fd (correct)
Options: (20 bytes)
Maximum segment size: 1460 bytes
SACK permitted
Time stamp: tsval 19711844, tsecr 0
NOP
Window scale: 0 bytes
And inbound is
==============
Frame 817 (60 on wire, 60 captured)
Arrival Time: Apr 15, 2003 23:13:30.111468000
Time delta from previous packet: 0.000720000 seconds
Time relative to first packet: 1.217332000 seconds
Frame Number: 817
Packet Length: 60 bytes
Capture Length: 60 bytes
Ethernet II
Destination: 00:c0:f0:5a:ba:24 (Kingston_5a:ba:24)
Source: 00:20:78:d6:5b:7d (Runtop_d6:5b:7d)
Type: IP (0x0800)
Trailer: 000000000000
Internet Protocol, Src Addr: linksys (192.168.1.1), Dst Addr: 192.168.1.101 (192.168.1.101)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 40
Identification: 0x0a59
Flags: 0x00
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 150
Protocol: TCP (0x06)
Header checksum: 0x96c0 (correct)
Source: linksys (192.168.1.1)
Destination: 192.168.1.101 (192.168.1.101)
Transmission Control Protocol, Src Port: www (80), Dst Port: 33565 (33565), Seq: 0, Ack: 2089274686, Len: 0
Source port: www (80)
Destination port: 33565 (33565)
Sequence number: 0
Acknowledgement number: 2089274686
Header length: 20 bytes
Flags: 0x0014 (RST, ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 0... = Push: Not set
.... .1.. = Reset: Set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 5840
Checksum: 0x4816 (correct)
Other stuff people will ask for
===============================
fishmonger:/root# ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:C0:F0:5A:BA:24
inet addr:192.168.1.103 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:194112 errors:1 dropped:0 overruns:0 frame:0
TX packets:267985 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:23808895 (22.7 MiB) TX bytes:264108422 (251.8 MiB)
Interrupt:9 Base address:0xf000
eth0:0 Link encap:Ethernet HWaddr 00:C0:F0:5A:BA:24
inet addr:192.168.1.5 Bcast:192.168.1.255 Mask:255.255.255.255
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:9 Base address:0xf000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:1495 errors:0 dropped:0 overruns:0 frame:0
TX packets:1495 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:169610 (165.6 KiB) TX bytes:169610 (165.6 KiB)
fishmonger:/home/sdh# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.5 0.0.0.0 255.255.255.255 UH 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
fishmonger:/etc# cat dhclient.conf
send host-name "fishmonger";
request subnet-mask, broadcast-address, time-offset, routers,
domain-name, domain-name-servers, host-name;
require subnet-mask, domain-name-servers;
timeout 60;
retry 60;
select-timeout 5;
initial-interval 2;
alias {
interface "eth0";
fixed-address 192.168.1.5;
option subnet-mask 255.255.255.255;
}
Reply to: