Re: Network troubleshooting, any experts?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





Elam Daly wrote:

Jeff Vian wrote:

\My thoughts are that they probably know this is a server, and as such may have blocked TCP from that particular host IP address.


It appears UDP and ICMP are getting through.




They do know it's a web server, as they host our website. If TCP is being blocked though, how is it possible that can people visit the
website? I realize that http connections come in through port 80, but the responses from the webserver don't. They leave from the
webserver through any port that apache deems neccessary, correct?
Elam Daly
Whiteware Inc.

IPTABLES does stateful filtering and related connection can be established while new connections can be blocked. I use this on both ftp (allowing only port 20) and http (allowing only port 80).
A connection estqablished as a reply to a web browser request is related and can be allowed without being explicitly allowed by port number..
Any TCP connection that originates from the server is new and easily blocked.


It may be that they are using a similar firewall rule on this particular host.
Check how your ISP has the router/firewall configured and make sure they allow this host outbound connections. (As they apparently do for other hosts.)





[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux