Gentoo Archives: gentoo-user

From:	Adam Carter <adamcarter3@×××××.com>
To:	gentoo-user@l.g.o
Subject:	Re: [gentoo-user] Cant connect to local webserver - ICMP admin prohibited
Date:	Fri, 23 Sep 2011 17:03:19
Message-Id:	`CAC=wYCGasoFxC8=4XNqVxbEBtSSG8fDG6r0o_ubiXs7OaDy-Bw@mail.gmail.com`
In Reply to:	Re: [gentoo-user] Cant connect to local webserver - ICMP admin prohibited by Pandu Poluan

1	> Can you post the outputs of 'iptables-save' and 'ip rule show'?
2
3	# iptables-save
4	# Generated by iptables-save v1.4.12.1 on Sat Sep 24 02:57:42 2011
5	*nat
6	:PREROUTING ACCEPT [239188:15840835]
7	:INPUT ACCEPT [230129:15089630]
8	:OUTPUT ACCEPT [265028:20043915]
9	:POSTROUTING ACCEPT [0:0]
10	-A PREROUTING -s 10.0.0.254/32 -p tcp -m tcp --dport 80 -j ACCEPT
11	-A PREROUTING -s 10.0.0.254/32 -p tcp -m tcp --dport 8081 -j ACCEPT
12	-A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.0.0.254:3129
13	-A POSTROUTING -j MASQUERADE
14	COMMIT
15	# Completed on Sat Sep 24 02:57:42 2011
16	# Generated by iptables-save v1.4.12.1 on Sat Sep 24 02:57:42 2011
17	*mangle
18	:PREROUTING ACCEPT [63823853:97394042876]
19	:INPUT ACCEPT [62454740:96723050843]
20	:FORWARD ACCEPT [1367064:670686100]
21	:OUTPUT ACCEPT [47954138:21176280811]
22	:POSTROUTING ACCEPT [49321180:21846964975]
23	COMMIT
24	# Completed on Sat Sep 24 02:57:42 2011
25	# Generated by iptables-save v1.4.12.1 on Sat Sep 24 02:57:42 2011
26	*filter
27	:INPUT ACCEPT [683278:162916016]
28	:FORWARD ACCEPT [18:1044]
29	:OUTPUT ACCEPT [750201:170843065]
30	:fail2ban-SSH - [0:0]
31	:fail2ban-apache - [0:0]
32	COMMIT
33	# Completed on Sat Sep 24 02:57:42 2011
34
35	The wlan interface that uses 10. addressing is not in use at the moment.
36
37	I'm using ifconfig so i dont have the ip binary on this system.

Subject	Author
Re: [gentoo-user] Cant connect to local webserver - ICMP admin prohibited	Pandu Poluan <pandu@××××××.info>