Cant ping new mandrake 10 box - but can ping from it

[PeteH2]

Hi,

I have a strange problem. I've just done a plain installation of Mandrake 10, requesting Samba and Apache. The install proceeded ok with no errors.

On restarting I have set given the box a static ip address of 10.10.0.80. There is nothing in /etc/hosts.deny and /etc/hosts.allow has 10.10.0.0 in it.

I can ping from to other machines on the network to the box, but i cant ping the box from other machines. I know that DNS is working because the local DNS server resolves the hostname correctly and I can see internet pages ok.

It sounds as if there is a firewall installed somewhere, but it doesnt appear to be listed.

So, my questions to you all, are:

1. If there is a firewall, how do I know:

what the applciation is?

which directory the program files, config files are in?

how to configure it?

2. Can it be run from any directory (like putting the firewall program dir in the PATH statement of DOS) and if so, how ?

3. Can it be un-installed - the box is behind a hardware firewall anyway.

4. What am I missing and any other tips


Thanks in advance

Pete...

 

[franklin97355]

Are you trying to ping through a router?

 

[stefanwagner]

... but i cant ping the box from other machines.

what does it mean?
No reply?
An Error-message?
'all packets lost'?

Sometimes ping isn't allowed (except root) to prevent DoS-Attacks.

seeking a job as java-programmer in Berlin:

http://home.arcor.de/hirnstrom/bewerbung

 

[PeteH2]

The mandrake box and all other machines are behind a hardware firewall and attached to the same switch - I just get a 'request timed out' error.

It does sound as if stefanwagner has hit the nail on the head, therefore my questions would now be:

1. How do I find out what the setting is?

which directory the program files, config files are in?

how to configure it?

2. What am I missing and any other tips




Thanks in advance

Pete...


PS
How *do* you run a program from any directory (like putting the program dir in the PATH statement of DOS)

 

[galger]

I have the same issue with redhat9.. I would love to know the answer.. going crazy trying to figure it out.

 

[rwyatt85]

Wow, very similar to my problem.

I have Mandrake 10.1 installed running a Samba Server at 10.30.0.80 (C Subnets and VLANS).

My samba server was working fine for about 2 weeks then yesterday it started up with this.

It cannot ping itself, either (10.30.0.80 OR 127.0.0.1).

It can ping other boxes and has internet connectivity.

The firewall is disabled, but the security setting is at "higher"

Random machines can still connect to it, while others are unable to map their drives to it at logon. I'm unable to ping the box from within my own vlan.

hosts and hosts.allow are clean, but hosts.deny reads: ALL:ALL EXCEPT 127.0.0.1ENY
Havent played with that because im not sure what that line is actually doing. It looks suspicious though!

 

[rwyatt85]

Oh, and to answer the question: How *do* you run a program from any directory (like putting the program dir in the PATH statement of DOS)?


The /bin and /sbin directories in linux serve the same purpose as system32 would in windows NT, or path statements in DOS. /sbin is for root-only though. good for delegation of control.

 

[oppcos]

Ping is facilitated through the icmp protocol. There are a half dozen ways to disable it, but to give you some usual suspects, check your inetd services, iptables filtering, and see if it is disabled in your kernel configuration.

 

[me262]

I'm having some similar problem in mandrake 10.1
I've commented this line in hosts.deny, and allows me to use ssh.

# all:all except 127.0.0.1 deny

The problem I'm having, is that something keeps reinserting this line into my hosts.deny

all:all except 127.0.0.1 deny

it's very frustrating, as I rely on ssh in order to work on it, the box is in the basement, and I don't want to keep running down there just to get ssh working.

maybe I could put something into hosts.allow, like a portmap?

someone help me out on this, I'm really new to how a linux firewall works.

 

[me262]

also, read that line out a few times.
all:all except 127.0.0.1 deny

it reads out: deny all traffic except from localhost (127.0.0.1, the machine itself)

there are some programs that don't follow this rule, like squid, httpd, and ftpd (that I know of)

ssh is one of those programs that follows the rules laid out in the hosts files