# netstat -antp | grep apach
tcp 0 0 192.168.1.250:80 0.0.0.0:* LISTEN 25577/apache2

# tcpdump -n -i eth0 host 192.168.1.6 and port not 22
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
21:10:57.011994 IP 192.168.1.6.46161 > 192.168.1.250.80: S 4279617058:4279617058(0) win 14600 <mss 1460,sackOK,timestamp 7007662 0,nop,wscale 6>
21:10:57.037227 IP 192.168.1.250 > 192.168.1.6: ICMP host 192.168.1.250 unreachable - admin prohibited filter, length 36
21:11:06.157052 IP 192.168.1.6.46162 > 192.168.1.250.80: S 3082744432:3082744432(0) win 14600 <mss 1460,sackOK,timestamp 7016807 0,nop,wscale 6>
21:11:06.182781 IP 192.168.1.250 > 192.168.1.6: ICMP host 192.168.1.250 unreachable - admin prohibited filter, length 36

ssh works. Connection from the same client to a third gentoo box running a webserver works.

Anyone seen this behavior? There's no iptables, the hosts are gentoo and on the same subnet. I've only seen admin prohibited ICMP from filtering by cisco ACLs - what could be the problem?