I am seeing some weird behavior in which there appears to be a "second firewall" blocking certain ports, even when I turn the firewall off.
I just upgraded from FC4 to FC8 (actually a fresh reinstall). I run a variety of services including sshd, httpd, named, and qmail. I am trying to restore all of my services and encountering what seems like a weird routing issue. The default FC8 install turns on the firewall and SELinux. The first thing I did was turn off both the firewall and SELinux, but they had no effect on the problem, which I will describe here in more detail.
Both named and apache seem to be accessible if accessed as localhost, but not by the canonical IP address of my system, whether from on or off the host. For instance,
[root@notfoo ~]# nslookup
> server localhost
Default server: localhost
Address: 127.0.0.1#53
> www.nightmoose.net
;; connection timed out; no servers could be reached
>
[root@notfoo ~]# nslookup
> server localhost
Default server: localhost
Address: 127.0.0.1#53
> www.nightmoose.net
Server: localhost
Address: 127.0.0.1#53
www.nightmoose.net canonical name = notfoo.nightmoose.net.
Name: notfoo.nightmoose.net
Address: 69.17.59.112
> server 69.17.59.112
Default server: 69.17.59.112
Address: 69.17.59.112#53
> www.nightmoose.net
;; connection timed out; no servers could be reached
I've checked all of the obvious things to no avail. A similar thing happens when trying to access port 80. Strangely, I can ssh in just fine (just as if it was a firewall).
Some details for you ...
[root@notfoo ~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:50:04:AD:9B:69
          inet addr:69.17.59.112  Bcast:69.17.59.255  Mask:255.255.255.0
          inet6 addr: fe80::250:4ff:fead:9b69/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:402501 errors:0 dropped:0 overruns:0 frame:0
          TX packets:315599 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:482201554 (459.8 MiB)  TX bytes:24251700 (23.1 MiB)
          Interrupt:11 Base address:0x2000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:3320 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3320 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:249109 (243.2 KiB)  TX bytes:249109 (243.2 KiB)
[root@notfoo ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
69.17.59.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         69.17.59.1      0.0.0.0         UG    0      0        0 eth0
[root@notfoo ~]# iptables --list
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
Using tcpdump, I have determined that request packets are arriving. I see them come in, both from outside and from internally via the canonical IP address. No packets ever emanate from named.
By running named in verbose debug mode, I have verified that it receives requests through localhost, and that requests coming from outside are never even reaching named. Somehow, they are getting dropped instead of being handed to named as they ought to be.
I am out of ideas at this point. I checked the FC8 bug list to no avail. I saw some similar problems from others on the web, but none of the solutions were applicable in this case. Any and all suggestions you have will be welcomed, however!
Thanks much.
-ross