Re: www.adobe.com

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Покотиленко Костик wrote:
В Чтв, 13/11/2008 в 07:52 +0000, TheOldFellow пишет:
My firewall works well, except that I can't get any kind of access to
www.adobe.com.

This is typical:

# ping www.adobe.com
PING www.wip3.adobe.com (192.150.18.101): 56 data bytes
64 bytes from 192.150.18.101: icmp_seq=0 ttl=243 time=194.939 ms
64 bytes from 192.150.18.101: icmp_seq=1 ttl=243 time=193.576 ms
64 bytes from 192.150.18.101: icmp_seq=2 ttl=243 time=194.612 ms
64 bytes from 192.150.18.101: icmp_seq=3 ttl=243 time=194.844 ms
--- www.wip3.adobe.com ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max/stddev = 193.576/194.493/194.939/0.542 ms

so far so good...

# wget http://www.adobe.com/index.html
--07:45:04--  http://www.adobe.com/index.html
           => `index.html'
Resolving www.adobe.com... 192.150.18.101
Connecting to www.adobe.com|192.150.18.101|:80...
it just times out - browsers are the same.

Looking at the log shows the following warnings:

IPTABLES:INPUT IN=net OUT= MAC=00:a0:c9:43:8f:77:00:90:96:f7:74:42:08:00 SRC=192.150.18.101 DST=192.168.1.2 LEN=44 TOS=0x00 PREC=0x00 TTL=53 ID=9637 PROTO=TCP SPT=80 DPT=3723 WINDOW=20498 RES=0x00 URGP=0 IPTABLES:INPUT IN=net OUT= MAC=00:a0:c9:43:8f:77:00:90:96:f7:74:42:08:00 SRC=192.150.18.101 DST=192.168.1.2 LEN=44 TOS=0x00 PREC=0x00 TTL=53 ID=45688 PROTO=TCP SPT=80 DPT=3723 WINDOW=20498 RES=0x00 URGP=0 IPTABLES:INPUT IN=net OUT= MAC=00:a0:c9:43:8f:77:00:90:96:f7:74:42:08:00 SRC=192.150.18.101 DST=192.168.1.2 LEN=44 TOS=0x00 PREC=0x00 TTL=53 ID=37819 PROTO=TCP SPT=80 DPT=3723 WINDOW=20498 RES=0x00 URGP=0

It does seem strange for www.adobe.com to have privat IP 192.150.18.101
which is also as I can see the IP of your box. You are pinging your
local box but there are no web server on your box as I see. Either you
edited addresses wrong or your DNS server (or /etc/hosts) has wrong
record for www.adobe.com.

Hope that helps.

192.150.18.101 is not a private ip range (http://www.whois.ws/whois-ip/192.150.18.101/) as far as I know. But it looks like the traffic coming back from adobe is blocked? (although, should the SPT and DPT not be the swapped then?)

Guess you need to include your firewall rules to get more help.

Wessel

--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux