Re: Can't browse, ssh, or ftp but can ping and nslookup FC-3
From: Christopher K. Johnson (ckjohnson_at_gwi.net)
Date: 12/24/04
- Previous message: Bill Gradwohl: "Re: Can't browse, ssh, or ftp but can ping and nslookup FC-3"
- In reply to: Lane Inman: "Re: Can't browse, ssh, or ftp but can ping and nslookup FC-3"
- Next in thread: Lane Inman: "Re: Can't browse, ssh, or ftp but can ping and nslookup FC-3"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Thu, 23 Dec 2004 18:47:04 -0500 To: For users of Fedora Core releases <fedora-list@redhat.com>
Lane Inman wrote:
> With ACPI off, it still does not work;
> ping -s 1500 works fine....
>
> iptables --list
> Chain INPUT (policy ACCEPT)
> target prot opt source destination
>
> Chain FORWARD (policy ACCEPT)
> target prot opt source destination
>
> Chain OUTPUT (policy ACCEPT)
> target prot opt source destination
>
>
> Lane Inman wrote:
>
> FC 3 fresh install x86_64 smp
>
> - firewall disabled
> - SELinux off
> - Interface is up
> - Names Resolve
> - Can ping hosts
> - can connect on ftp, but cant download the files
> - can't ssh to or from box...
>
>
> have added to /etc/modprobe.conf
> alias net-pf-10 off
>
> -Lane
I wouldn't recommend the acpi off for a networking problem where some
packets work fine. You will probably want to reverse that change.
Make sure you reboot after adding the "alias net-pf-10 off" to
/etc/modprobe.conf in order to make it effective.
Then make these additions to /etc/sysctl.conf. The tcp_ecn and
tcp_window_scaling may be the problem. The latter change is just one I
make to prevent responding to broadcast pings.
# Start CKJ additions for rubustness and security...
# Disable TCP ECN which some routers and servers cannot handle.
net.ipv4.tcp_ecn = 0
# Disable TCP window scaling which some routers and firewalls cannot handle.
net.ipv4.tcp_window_scaling = 0
# Disable response to broadcast icmp echo requests.
net.ipv4.icmp_echo_ignore_broadcasts = 1
# ...End CKJ additions for rubustness and security
Make the sysctl.conf changes effective by the command:
sysctl -p
Chris
-- ----------------------------------------------------------- "Spend less! Do more! Go Open Source..." -- Dirigo.net Chris Johnson, RHCE #807000448202021 -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
- Previous message: Bill Gradwohl: "Re: Can't browse, ssh, or ftp but can ping and nslookup FC-3"
- In reply to: Lane Inman: "Re: Can't browse, ssh, or ftp but can ping and nslookup FC-3"
- Next in thread: Lane Inman: "Re: Can't browse, ssh, or ftp but can ping and nslookup FC-3"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
