[CentOS] 2 questions on CentOS firewall

Wed Jul 20 18:59:08 UTC 2011
Ljubomir Ljubojevic <office at plnet.rs>

Timothy Murphy wrote:
> Markus Falb wrote:
> 
>> I would use tcpdump on the CentOS Server to be sure the icmp echo
>> requests are arriving or not. tcpdump is something like ethereal but it
>> could be as easy as
>>
>> $ tcpdump -l proto \\icmp
>> or
>> $ tcpdump -l proto \\icmp and host sourceip
>> or
>> $ tcpdump -li ethX proto \\icmp
>> or
>> ...
> 
> Thanks for the instructions.
> Nothing seems to get through:
> --------------------------------------
> [tim at helen ~]$ ping anghiari.homelinux.com
> PING anghiari.homelinux.com (79.46.6.203) 56(84) bytes of data.
> 
> --- anghiari.homelinux.com ping statistics ---
> 3 packets transmitted, 0 received, 100% packet loss, time 2000ms
> --------------------------------------
> 
> --------------------------------------
> [root at alfred tim]# tcpdump -l proto \\icmp
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
> 
> --------------------------------------
> 
> So I assume the modem is rejecting the ICMP packets.
> As I said, I don't see anything about this
> in the modem documentation or on the modem web-site.
> 
> 

ICMP packet always reaches the system with destination IP, unless it was 
purposely redirected by the system with the IP. In your case this is 
modem/router, so he responds.

-- 

Ljubomir Ljubojevic
(Love is in the Air)
PL Computers
Serbia, Europe

Google is the Mother, Google is the Father, and traceroute is your
trusty Spiderman...
StarOS, Mikrotik and CentOS/RHEL/Linux consultant