Subject: | |
From: | |
Reply To: | |
Date: | Sat, 1 Dec 2007 17:40:23 -0600 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Could it be due to my pc or university network? If it is in my pc is
there a way to allow port 2401?
Many thanks.
Taylan
John Summerfield wrote:
> John Summerfield wrote:
>> Taylan Yetkin wrote:
>>> Both ping and traceroute the host from fermi machines returns
>>> success. I need some time to understand the use of tcpdump.
>>> thanks,
>>> Taylan
>>
>> There's a fair chance there's a problematic firewall rule. Some
>> examples that can confuse the issue.
>
> I can reach (ping) that host from here. Here's is what tcpdump shows
> me when I telnet to it:
>
> 08:35:27.548153 IP neutralino.physics.uiowa.edu >
> dsl-58-6-192-22.wa.westnet.com.au: icmp 68: host
> neutralino.physics.uiowa.edu unreachable - admin prohibited
>
> I interpret this as a firewall difficulty, the firewall is rejecting
> the traffic with the excuse "icmp-admin-prohibited" which seems fairly
> sensible.
>
> Same if I try port 25.
>
>
>
>>
>> smtp connexions from some locations to my gateway are forward using a
>> DNAT rule to an internal system. If the internal system's down, a
>> "host unreachable" response goes back, but ping and traceroute would
>> work.
>>
>> When an unwelcome packet arrives at my gateway, I can choose to
>> ignore it (DROP in iptables) or REJECT it. If I REJECT, I can add the
>> excuse "icmp-host-unreachable."
>>
>>
>> A good start with tcpdump is something like this:
>>
>> tcpdump -i eth0 -s 8888 host cvs-server
>>
>> or use wireshark which has the same abilities and a GUI to guide the
>> beginner.
>>
>>
>>
>>
>
>
|
|
|