On Thu, 13 Nov 2008 11:02:13 +0100 Pascal Hambourg <pascal.mail@xxxxxxxxxxxxxxx> wrote: > Hello, > > TheOldFellow a écrit : > > > > # wget http://www.adobe.com/index.html > > --07:45:04-- http://www.adobe.com/index.html > > => `index.html' > > Resolving www.adobe.com... 192.150.18.101 > > Connecting to www.adobe.com|192.150.18.101|:80... > > > > it just times out - browsers are the same. <snip> > > Wget hanging after printing "Connecting to..." but before printing > "connected" seems to indicate that it didn't receive a SYN/ACK packet > from the server in response to its SYN packet. However the logged and > dropped packets do not look like SYN/ACK packets, as they do not have > the SYN and ACK flags set. > > Can you provide a capture of the resulting traffic from and to > 192.150.18.101 on interface 'net' with tcpdump, tshark or wireshark when > running wget ? E.g. > > # tcpdump -nvi net host 192.150.18.101 > > Does the problem happen if you temporarily allow all input traffic (at > least from 192.150.18.101) ? E.g. > > # iptables -I INPUT -s 192.150.18.101 -j ACCEPT Thanks, and to everyone else who tried to help. I didn't know about tcpdump, so I had to build and install it first. The output when executing the wget above is: $ sudo /usr/sbin/tcpdump -nvi net host 192.150.18.101 tcpdump: listening on net, link-type EN10MB (Ethernet), capture size 68 bytes 10:45:28.743810 IP (tos 0x0, ttl 64, id 55527, offset 0, flags [DF], proto TCP (6), length 60) 192.168.1.2.2901 > 192.150.18.101.80: Flags [S], seq 3678776487, win 5840, options [mss 1460,sackOK,TS[|tcp]> 10:45:28.932756 IP (tos 0x0, ttl 53, id 25304, offset 0, flags [none], proto TCP (6), length 44) 192.150.18.101.80 > 192.168.1.2.2901: tcp 24 [bad hdr length 0 - too short, < 20] 10:45:31.741831 IP (tos 0x0, ttl 64, id 55528, offset 0, flags [DF], proto TCP (6), length 60) 192.168.1.2.2901 > 192.150.18.101.80: Flags [S], seq 3678776487, win 5840, options [mss 1460,sackOK,TS[|tcp]> 10:45:31.930558 IP (tos 0x0, ttl 53, id 46986, offset 0, flags [none], proto TCP (6), length 44) 192.150.18.101.80 > 192.168.1.2.2901: tcp 24 [bad hdr length 0 - too short, < 20] 10:45:37.741754 IP (tos 0x0, ttl 64, id 55529, offset 0, flags [DF], proto TCP (6), length 60) 192.168.1.2.2901 > 192.150.18.101.80: Flags [S], seq 3678776487, win 5840, options [mss 1460,sackOK,TS[|tcp]> <snip> 18 packets captured 18 packets received by filter 0 packets dropped by kernel Allowing all input doesn't change a thing. Did I capture enough? Regards, R. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
