[Firewall] Self-connect possible?

Gustin Johnson gustin at meganerd.ca
Thu Mar 18 00:14:16 CET 2010


Roland Haeder wrote:
> Hi Rance,
> 
> -----------------------------------
> quix0r at quix0r:~$ ping free-search.homelinux.org
> PING free-search.homelinux.org (94.221.128.75) 56(84) bytes of data.
> 64 bytes from dslb-094-221-128-075.pools.arcor-ip.net (94.221.128.75):
> icmp_seq=1 ttl=64 time=0.133 ms
> 64 bytes from dslb-094-221-128-075.pools.arcor-ip.net (94.221.128.75):
> icmp_seq=2 ttl=64 time=0.147 ms
> 64 bytes from dslb-094-221-128-075.pools.arcor-ip.net (94.221.128.75):
> icmp_seq=3 ttl=64 time=0.130 ms
> 64 bytes from dslb-094-221-128-075.pools.arcor-ip.net (94.221.128.75):
> icmp_seq=4 ttl=64 time=0.133 ms
> 64 bytes from dslb-094-221-128-075.pools.arcor-ip.net (94.221.128.75):
> icmp_seq=5 ttl=64 time=0.125 ms
> ^C
> --- free-search.homelinux.org ping statistics ---
> 5 packets transmitted, 5 received, 0% packet loss, time 4004ms
> rtt min/avg/max/mdev = 0.125/0.133/0.147/0.014 ms
> -----------------------------------
> 
> That IP can also be found in my router if I do a "ifconfig ppp0":
> -----------------------------------
> root at firebox:~# ifconfig  ppp0
> ppp0      Link encap:Point-to-Point Protocol  
>           inet addr:94.221.128.75  P-t-P:94.221.128.1
> Mask:255.255.255.255
>           UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1492  Metric:1
>           RX packets:297666 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:260764 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:3 
>           RX bytes:144019836 (137.3 MiB)  TX bytes:49914220 (47.6 MiB)
> -----------------------------------
> 
> So all looks fine to me. BTW: Do you need some settings? I enabled IDS
> but disabled it for port 8080 so it should not affect it.
>
Does the IP 94.221.128.75 exist on the same box as yancy (ie. is your
webserver and router the same box)?

If not, the problem is that you are experiencing NAT issues.  The
simplest solution would be to have an entry in the hosts file on the
yancy server that maps the name free-search.homelinux.org to 127.0.0.1.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 260 bytes
Desc: OpenPGP digital signature
URL: <http://rocky.eld.leidenuniv.nl/pipermail/firewall/attachments/20100317/155d72c7/attachment.pgp>


More information about the Firewall mailing list