> -----Original Message----- > From: Vimal [mailto:j.vimal@xxxxxxxxx] > Sent: Monday, September 15, 2008 8:06 PM > To: Xu, Qiang (FXSGSC) > Cc: Rob Sterenborg; netfilter@xxxxxxxxxxxxxxx > Subject: Re: iptables not prevent access > > > As someone mentioned on this thread, use: netstat -nr and > paste the output here. Done. > Hmmm... Could you paste the output of an ifconfig equivalent program? > I am not sure what it is on Windows (ipconfig, maybe?). But, > this will show all the network interfaces. The output of the command "ipconfig" ------------------------------------ C:\Documents and Settings\Administrator>ipconfig /all Windows IP Configuration Host Name . . . . . . . . . . . . : nutrinity Primary Dns Suffix . . . . . . . : crmttrinity.lab Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : crmttrinity.lab Ethernet adapter Local Area Connection 2: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : NVIDIA nForce Networking Controller Physical Address. . . . . . . . . : 00-50-8D-7E-51-29 DHCP Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : 13.121.8.119 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 13.121.8.1 DNS Servers . . . . . . . . . . . : 127.0.0.1 13.135.130.15 Primary WINS Server . . . . . . . : 13.121.11.9 Secondary WINS Server . . . . . . : 13.135.134.15 13.151.134.15 ------------------------------------ Seems only one ethernet interface. > You did mention that you ran a network packet capturing > program. Could you run it on _all_ interfaces? Yes, with WireShark, I tried to capture all the packets with MacAddress (with the filter "ether host 00:50:8d:7e:51:29"), but there are still no packets to and from 13.121.8.106 (the server). > (Just a wild guess) One other possibility is that your server > == your client (13.121.8.119). In this case, all packets are > routed via lo, and not via eth0. :) Can you type: > http://127.0.0.1 in your browser to see if you can access the website? The server is definitely not the client. The server is a printer (13.121.8.106). The client is a Windows 2003 Server (13.121.8.119). :-( > > Could you try this: > > * Run the sniffing software on the client, capturing _all_ > packets (without any filter) and on _all_ interfaces. > * From the client (119) access the server webpage. > * See what you get on the client side. Just as I said, open WebUI of 13.121.8.106 on 119 while capturing network packets with MacAddress, but that didn't help, either. :-( > I hope I wasn't too confusing. > > -- > Vimal > -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
