[linux] Connections time out, need help
Evan Martin
martine at danga.com
Sat Mar 17 12:25:14 PDT 2007
Use tcpdump on another box on the subnet to see if the packets from the
internet are making it onto the "wire"?
On 3/17/07, Brad Willson <bradw at ifixcomputers.com> wrote:
> They do pass into the box -if- coming from inside the subnet. This is
> also true of the other servers behind the firewalls. The difference is,
> this box is the only one that will not accept connections from the
> internet or connect to systems outside the subnet. Connections in this
> context include ping, smtp, snmp, imaps (587), dns, and telnet to name
> the majority.
>
> Evan Martin wrote:
> > I'd start with using tcpdump to see whether ssh attempts in are
> > actually getting packets in.
> >
> > On 3/17/07, Brad Willson <bradw at ifixcomputers.com> wrote:
> >> I would be writing from my GeneTests account but alas, it is having
> >> issues.
> >>
> >> Here's the deal;
> >> * reverse DNS is working, which I confirmed with host on all systems on
> >> the intranet.
> >> * internet SSH sessions into and out of the box time out without
> >> connection.
> >> * internet SSH sessions into and out of other boxes on the subnet
> >> succeed.
> >> * intranet SSH sessions succeed on the same subnet, both into and out of
> >> the box.
> >> * ping connections to internet destinations time out, but ip resolution
> >> does take place properly.
> >> * runs of chkrootkit and rkhunter revealed nothing unusual.
> >> * nsswitch.conf, resolv.conf, hosts, hosts.allow, hosts.deny all appear
> >> to be proper compared to other systems.
> >> * the most vexing piece of this puzzle; the firewall rules for the bad
> >> box mirror those of working boxes.
> >>
> >> Obviously I am overlooking something, but what?
> >>
> >> --
> >> Brad Willson, Owner
> >> Willson Consulting Services
> >> EM: bradw at ifixcomputers.com
> >> C: 425.891.2732
> >> http://www.ifixcomputers.com
> >>
> >>
> >>
>
>
> --
> Brad Willson, Owner
> Willson Consulting Services
> EM: bradw at ifixcomputers.com
> C: 425.891.2732
> http://www.ifixcomputers.com
>
>
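
The tcpdump check suggested in this thread, as an added example that is not part of the original messages: a small parser that reads `tcpdump -n` text output and reports how far each SSH handshake got, separating "SYN reached the wire but the server never answered" from "server answered but the reply was not acknowledged". The capture lines and addresses are constructed (documentation ranges), and it assumes the capture point can see both directions of the traffic.

```python
import re
from collections import defaultdict

# Constructed sample of `tcpdump -n 'tcp port 22'` output; 192.0.2.10 is the problem box.
CAPTURE = """\
12:25:01.100000 IP 203.0.113.5.51000 > 192.0.2.10.22: Flags [S], seq 100, win 64240, length 0
12:25:02.100000 IP 203.0.113.5.51000 > 192.0.2.10.22: Flags [S], seq 100, win 64240, length 0
12:25:03.000000 IP 192.0.2.20.40000 > 192.0.2.10.22: Flags [S], seq 500, win 64240, length 0
12:25:03.000200 IP 192.0.2.10.22 > 192.0.2.20.40000: Flags [S.], seq 900, ack 501, win 65160, length 0
12:25:03.000400 IP 192.0.2.20.40000 > 192.0.2.10.22: Flags [.], ack 901, win 502, length 0
"""

# tcpdump prints "IP <addr>.<port> > <addr>.<port>: Flags [<flags>]"
LINE = re.compile(r"IP (\S+)\.(\d+) > (\S+)\.(\d+): Flags \[([^\]]+)\]")

def classify(capture, server_ip, port=22):
    """Map each client (ip, port) to the TCP handshake stage it reached."""
    seen = defaultdict(set)
    for line in capture.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # skip non-TCP or unparsable lines
        src, sport, dst, dport, flags = m.groups()
        if dst == server_ip and int(dport) == port:
            # Client -> server: a bare SYN, or anything carrying an ACK
            stage = "SYN" if flags == "S" else "ACK" if "." in flags else flags
            seen[(src, int(sport))].add(stage)
        elif src == server_ip and int(sport) == port and flags == "S.":
            # Server -> client SYN-ACK
            seen[(dst, int(dport))].add("SYNACK")
    result = {}
    for client, stages in seen.items():
        if {"SYN", "SYNACK", "ACK"} <= stages:
            result[client] = "handshake completed"
        elif "SYN" in stages and "SYNACK" not in stages:
            result[client] = "SYN on wire, no reply from server"
        elif "SYNACK" in stages and "ACK" not in stages:
            result[client] = "server replied, reply not acknowledged"
        else:
            result[client] = "incomplete capture"
    return result

if __name__ == "__main__":
    for client, verdict in classify(CAPTURE, "192.0.2.10").items():
        print(client, "->", verdict)
```

If an internet client never appears in the result at all, its packets are not reaching the segment where the capture was taken.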