troubleshooting network settings
Kevin Kinsey
kdk at daleco.biz
Sun May 28 20:10:46 PDT 2006
Malcolm Fitzgerald wrote:
> I am running freeBSD v6.0 security on a home network behind an adsl router.
>
> I cannot connect to localhost from a browser (apache is running!)
> I cannot connect to localhost port 22 (KPackage tries to use ssh)
>
> What can cause these problems? How can I troubleshoot them?
>
> I am very new to freeBSD, so part of my question is "where do I begin?".
> I have a copy of Complete freeBSD beside me but can't get the magical
> incantations right. Suggestions appreciated.
>
New to "Nix like" systems in general, or just new to FreeBSD?
Here are a few suggestions ... no "magic bullet" here, though:
First, check to see if the interface exists:
$ ifconfig lo0
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
inet 127.0.0.1 netmask 0xff000000
So, we have a loopback interface (in this case on both IPv4
and IPv6).
-----------------------------------------------------------
$ ping localhost
PING localhost (127.0.0.1): 56 data bytes
64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.088 ms
This checks name resolution. If the machine doesn't know
where "localhost" is, you probably need to add a hint in
/etc/hosts (but that should've been done already, IIRC).
-------------------------------------------------------------
$ netstat -anf inet | grep 80
tcp4 0 0 *.80 *.* LISTEN
This shows a server listening on port 80 ... the http port.
Grep "22" for sshd. Incidentally, you can find that sort
of thing (what port number to look for) out this way:
$ grep ssh /etc/services
ssh 22/tcp #Secure Shell Login
ssh 22/udp #Secure Shell Login
sshell 614/tcp #SSLshell
sshell 614/udp
x11-ssh 6010/tcp #Unofficial name, for convenience
x11-ssh 6010/udp
--------------------------------------------------------------
This is often useful in this type of situation - we'll check
to see if something is actually running, and whether it returns
a meaningful error message if it's not:
$ telnet localhost 22
Trying ::1...
Connected to localhost.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.2p1 FreeBSD-20050903
To leave, press the "escape character" (shown),
and then type "quit"....
---------------------------------------------------------------
Are you running a firewall? If so, the loopback interface
should allow all traffic. (Of course, if it's not, you'll
have lots of trouble --- but then, you are having a little,
right?)
This box is running ipfw:
$ ipfw show
ipfw: socket: Operation not permitted
Whoops! Better use root credentials for that. I use
sudo, a 3rd party app (as do many FBSD users); you may
need to actually use "su" to get root before looking
at firewall rules.
$ sudo ipfw show
00100 47450 15295315 divert 8668 ip from any to any via xl0
00200 1279040 547068572 allow ip from any to any via lo0
So this box is doing NAT (rule 100) and is allowing traffic
on the "loopback" interface (which is from/to 127.0.0.1/localhost
---- rule 200).
---------------------------------------------------------------
If that's not enough to give some clue, write the list again
with some more information.
HTH,
Kevin Kinsey
More information about the freebsd-questions
mailing list