Re: network working one way only?
On Mon, Jun 21, 2004 at 12:47:54PM -0400, richard lyons wrote:
> On Monday 21 June 2004 11:42, John Summerfield wrote:
> > richard lyons wrote:
> > >I must be in an exceptionally dim mood today. I just noticed that
> > > my laptop, on which I am writing this, is not accessible from other
> > > boxes on the network. Ping, nfs, cups are all failing to connect.
> > > Must be
> >
> > Sounds ideal to me. Are you running any firewall setup on the laptop?
>
> I did not think I was...
>
> [...]
> > If this command returns a list of machines, your DNS setup is
> > working: host www.ibm.com
>
> $ host www.ibm.com
> -bash: host: command not found
> But it must be working, as I can browse the web and ping out to the
> network. That is a red herring (though I wish I had dig - perhaps I
> need to install bind to get it.)
> >
> > >I can`t at the moment think what to look for next -- quick hint
> > > anyone?
> >
> > Not being able to ping your box can be annoying when you're trying to
> > diagnose connectivity probs. What does this produce:
> > iptables -L
>
> My output is hugely long. Each of the sections Chain INPUT, FORWARD and
> OUTPUT have `(policy DROP)`, followed by many other lines. I have
> never configured a firewall on this computer as the network is behind a
> firewall. (Accepting that that may not be a good policy). Just the
> same, I assume this is the problem, as I do get about 150 lines of
> printout from iptables -L. Can I just turn this off somehow?
> >
> > If it is _not_ like this, then that's re reason:
> > Dolphin:~# iptables -L
> > Chain INPUT (policy ACCEPT)
> > target prot opt source destination
> >
> > Chain FORWARD (policy ACCEPT)
> > target prot opt source destination
> >
> > Chain OUTPUT (policy ACCEPT)
> > target prot opt source destination
> > Dolphin:~#
> >
> >
> > It seems to me you have an unexpectedly secure firewall setup:-)
>
> Evidently. :-(
>
> Is that half a day of learning, or can I slip out by some cheat?
You could (as root) try running /etc/init.d/iptables. I believe that
you then see some possible parameters, one of which is clear. If I'm
right, run /etc/init.d/iptables clear, and see if that helps.
Assuming that iptables is being set up on boot by /etc/init.d/iptables,
it shouldn't be too hard to work out how to save the clear ruleset for
future boot.
A
--
Please don't CC me. Also _please_ read the following before posting:
Documentation - http://www.debian.org/doc/
FAQ - http://www.debian.org/doc/FAQ/
Install manual (i386) - http://www.debian.org/releases/stable/i386/install
Reply to: