rohitsz Posted July 6, 2006 Report Share Posted July 6, 2006 Greetings there, I had *messed* with my firewall couple of months back, at that time i was pretty happy that i got good results from grc! But now, for a couple of days my *messing* has cost me too much that i am unable to work on a local college project. I have configured tomcat,but am unable to connect neither to http://localhost:8080 nor am i getting satisfactory status messgae from the tomcat startup script. I am attaching couple of screen output, if anyone of you can draw any conclusion, in making me talk to localhost! [root@localhost rohitsz]# ping 127.0.0.1 PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data. --- 127.0.0.1 ping statistics --- 3 packets transmitted, 0 received, 100% packet loss, time 1999ms [root@localhost rohitsz]# ping 192.168.1.1 PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data. 64 bytes from 192.168.1.1: icmp_seq=1 ttl=255 time=1.12 ms 64 bytes from 192.168.1.1: icmp_seq=2 ttl=255 time=0.871 ms 64 bytes from 192.168.1.1: icmp_seq=3 ttl=255 time=0.780 ms 64 bytes from 192.168.1.1: icmp_seq=4 ttl=255 time=0.730 ms --- 192.168.1.1 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 2999ms rtt min/avg/max/mdev = 0.730/0.877/1.128/0.154 ms [root@localhost rohitsz]# ping localhost PING localhost (127.0.0.1) 56(84) bytes of data. --- localhost ping statistics --- 3 packets transmitted, 0 received, 100% packet loss, time 1999ms [root@localhost rohitsz]# telnet 127.0.0.1 Trying 127.0.0.1... [root@localhost rohitsz]#telnet 192.168.1.1 Trying 192.168.1.1... Connected to 192.168.1.1. Escape character is '^]'. login: Connection closed by foreign host. [root@localhost rohitsz]#traceroute 127.0.0.1 traceroute to 127.0.0.1 (127.0.0.1), 30 hops max, 38 byte packets 1 * * * 2 * * * 3 * * * 4 * * * 5 * * * 6 * * * 7 * * * 8 * * * 9 * * * 10 * * * [root@localhost rohitsz]# My recent (trimmed) firewall policy is as follows: [root@localhost rohitsz]#service iptables status Table: mangle Chain PREROUTING (policy ACCEPT) target prot opt source destination Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination Table: nat Chain PREROUTING (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Table: filter Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere Chain FORWARD (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED Chain OUTPUT (policy ACCEPT) target prot opt source destination [root@localhost rohitsz]# I also *messed* with the following,But i ahve commented that part out... but still nothing. [root@localhost rohitsz]# cat /etc/sysctl.conf # Kernel sysctl configuration file for Mandriva Linux # # For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and # sysctl.conf(5) for more details. # Disables IP dynaddr net.ipv4.ip_dynaddr = 0 # Disable ECN net.ipv4.tcp_ecn = 0 # Controls source route verification net.ipv4.conf.default.rp_filter = 1 # Controls the System Request debugging functionality of the kernel #kernel.sysrq = 0 # Controls whether core dumps will append the PID to the core filename. # Useful for debugging multi-threaded applications. kernel.core_uses_pid = 1 # If you set this variable to 1 then cd tray will close automatically when the # cd drive is being accessed. Setting this to 1 is not advised as it has been # known to cause problems when supermount is enabled. dev.cdrom.autoclose=0 # removed to fix some digital extraction problems # dev.cdrom.check_media=1 # to be able to eject via the device eject button (magicdev) dev.cdrom.lock=0 net.ipv4.icmp_ignore_bogus_error_responses=0 net.ipv4.conf.all.rp_filter=0 net.ipv4.icmp_echo_ignore_broadcasts=1 net.ipv4.icmp_echo_ignore_all=0 net.ipv4.conf.all.log_martians=0 kernel.sysrq=1 #here i brought the changes(the *messy* part) #from www.siliconvalleyccie.com/linux-hn/iptales-intro.htm #--------------------------------------------------------------- # Disable routing triangulation. Respond to queries out # the same interface, not another. Helps to maintain state # Also protects against IP spoofing #--------------------------------------------------------------- #net.ipv4.conf.all.rp_filter = 1 #--------------------------------------------------------------- # Turn on protection from Denial of Service (DOS) attacks #--------------------------------------------------------------- #net.ipv4.tcp_syncookies = 1 #--------------------------------------------------------------- # Disable responding to ping broadcasts #--------------------------------------------------------------- #net.ipv4.icmp_echo_ignore_broadcasts = 1 [root@localhost rohitsz]# eagerly waiting for any help! thanks, rohit Quote Link to comment Share on other sites More sharing options...
paul Posted July 6, 2006 Report Share Posted July 6, 2006 off the top of my head iptables -A FORWARD -d 127.0.0.1 -j ACCEPT Quote Link to comment Share on other sites More sharing options...
rohitsz Posted July 6, 2006 Author Report Share Posted July 6, 2006 Hello, off the top of my headiptables -A FORWARD -d 127.0.0.1 -j ACCEPT i tried what you said... [root@localhost rohitsz]# iptables -A FORWARD -d 127.0.0.1 -j ACCEPT [root@localhost rohitsz]# ping 127.0.0.1 PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data. --- 127.0.0.1 ping statistics --- 7 packets transmitted, 0 received, 100% packet loss, time 5998ms [root@localhost rohitsz]# Still,nothing... regards, rohit. Quote Link to comment Share on other sites More sharing options...
aioshin Posted July 7, 2006 Report Share Posted July 7, 2006 to really check if firewall causes that problem.. try to clear your iptables just for checking, as root.. . #iptables -F . it will leave iptables empty and accepts everything, then ping loopback again.. Quote Link to comment Share on other sites More sharing options...
rohitsz Posted July 7, 2006 Author Report Share Posted July 7, 2006 (edited) Hello, to really check if firewall causes that problem.. try to clear your iptables just for checking, as root... #iptables -F . it will leave iptables empty and accepts everything, then ping loopback again.. I tried flushing the firewall rules,but still nothing.. surprisingly,i am unable to access any website,since flushing the rules...(this i am writing from another system) i just doubt,is the /etc/sysctl.conf file all ok? <edit> here's some more output: [root@localhost rohitsz]# service iptables status [root@localhost rohitsz]# ping 127.0.0.1 PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data. --- 127.0.0.1 ping statistics --- 4 packets transmitted, 0 received, 100% packet loss, time 2999ms [root@localhost rohitsz]# i had to use shorewall to allow everything thru the firewall to enable access to sites. </edit> <edit2> [root@localhost rohitsz]# service shorewall status Shorewall-2.4.1 Status at localhost - Fri Jul 7 08:41:27 IST 2006 Counters reset Thu Jul 6 11:20:15 IST 2006 Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Mar 4 17:51:29 net2all:DROP:IN=ppp0 OUT= SRC=60.191.43.37 DST=203.94.241.21 LEN=404 TOS=0x00 PREC=0x00 TTL=115 ID=28699 PROTO=UDP SPT=1190 DPT=1434 LEN=384 Mar 4 17:58:34 net2all:DROP:IN=ppp0 OUT= SRC=203.94.232.72 DST=203.94.241.21 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=14577 DF PROTO=TCP SPT=3866 DPT=80 WINDOW=8760 RES=0x00 SYN URGP=0 Mar 4 17:58:42 net2all:DROP:IN=ppp0 OUT= SRC=203.94.232.72 DST=203.94.241.21 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=16476 DF PROTO=TCP SPT=3866 DPT=80 WINDOW=8760 RES=0x00 SYN URGP=0 Mar 4 17:58:57 net2all:DROP:IN=ppp0 OUT= SRC=203.94.232.72 DST=203.94.241.21 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=19328 DF PROTO=TCP SPT=2344 DPT=443 WINDOW=8760 RES=0x00 SYN URGP=0 Mar 4 18:01:24 net2all:DROP:IN=ppp0 OUT= SRC=221.10.158.106 DST=203.94.241.21 LEN=928 TOS=0x00 PREC=0x00 TTL=48 ID=0 DF PROTO=UDP SPT=34689 DPT=1027 LEN=908 Mar 4 18:04:55 net2all:DROP:IN=ppp0 OUT= SRC=212.176.49.56 DST=203.94.241.21 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=42993 PROTO=TCP SPT=61072 DPT=1080 WINDOW=65535 RES=0x00 SYN URGP=0 Mar 4 18:08:36 net2all:DROP:IN=ppp0 OUT= SRC=221.208.208.86 DST=203.94.241.21 LEN=485 TOS=0x00 PREC=0x00 TTL=49 ID=0 DF PROTO=UDP SPT=54781 DPT=1027 LEN=465 Mar 4 18:09:03 net2all:DROP:IN=ppp0 OUT= SRC=203.94.92.207 DST=203.94.241.21 LEN=48 TOS=0x00 PREC=0x00 TTL=112 ID=64084 DF PROTO=TCP SPT=1654 DPT=80 WINDOW=8760 RES=0x00 SYN URGP=0 Mar 4 18:09:06 net2all:DROP:IN=ppp0 OUT= SRC=203.94.92.207 DST=203.94.241.21 LEN=48 TOS=0x00 PREC=0x00 TTL=112 ID=64282 DF PROTO=TCP SPT=1654 DPT=80 WINDOW=8760 RES=0x00 SYN URGP=0 Mar 4 18:11:01 net2all:DROP:IN=ppp0 OUT= SRC=203.94.234.7 DST=203.94.241.21 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=3684 DF PROTO=TCP SPT=4296 DPT=80 WINDOW=8760 RES=0x00 SYN URGP=0 Mar 4 18:11:04 net2all:DROP:IN=ppp0 OUT= SRC=71.137.195.210 DST=203.94.241.21 LEN=48 TOS=0x00 PREC=0x00 TTL=109 ID=16327 DF PROTO=TCP SPT=3293 DPT=1080 WINDOW=64240 RES=0x00 SYN URGP=0 Mar 4 18:11:04 net2all:DROP:IN=ppp0 OUT= SRC=203.94.234.7 DST=203.94.241.21 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=3870 DF PROTO=TCP SPT=4296 DPT=80 WINDOW=8760 RES=0x00 SYN URGP=0 Mar 4 18:11:10 net2all:DROP:IN=ppp0 OUT= SRC=203.94.234.7 DST=203.94.241.21 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=4184 DF PROTO=TCP SPT=4296 DPT=80 WINDOW=8760 RES=0x00 SYN URGP=0 Mar 4 18:11:22 net2all:DROP:IN=ppp0 OUT= SRC=203.94.234.7 DST=203.94.241.21 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=4888 DF PROTO=TCP SPT=4731 DPT=443 WINDOW=8760 RES=0x00 SYN URGP=0 Mar 4 18:11:26 net2all:DROP:IN=ppp0 OUT= SRC=203.94.234.7 DST=203.94.241.21 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=5065 DF PROTO=TCP SPT=4731 DPT=443 WINDOW=8760 RES=0x00 SYN URGP=0 Mar 4 18:11:31 net2all:DROP:IN=ppp0 OUT= SRC=203.94.234.7 DST=203.94.241.21 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=5341 DF PROTO=TCP SPT=4731 DPT=443 WINDOW=8760 RES=0x00 SYN URGP=0 Mar 4 18:14:28 net2all:DROP:IN=ppp0 OUT= SRC=217.159.217.218 DST=203.94.241.21 LEN=48 TOS=0x00 PREC=0x00 TTL=114 ID=7395 PROTO=TCP SPT=49093 DPT=1080 WINDOW=65535 RES=0x00 SYN URGP=0 Mar 4 18:15:57 net2all:DROP:IN=ppp0 OUT= SRC=222.171.27.36 DST=203.94.241.21 LEN=485 TOS=0x00 PREC=0x00 TTL=46 ID=0 DF PROTO=UDP SPT=40152 DPT=1027 LEN=465 Mar 4 18:16:45 net2all:DROP:IN=ppp0 OUT= SRC=221.208.208.202 DST=203.94.241.21 LEN=485 TOS=0x00 PREC=0x00 TTL=48 ID=0 DF PROTO=UDP SPT=50731 DPT=1026 LEN=465 Mar 4 18:16:45 net2all:DROP:IN=ppp0 OUT= SRC=221.208.208.202 DST=203.94.241.21 LEN=485 TOS=0x00 PREC=0x00 TTL=48 ID=0 DF PROTO=UDP SPT=50731 DPT=1027 LEN=465 NAT Table Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Mangle Table Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination IP Configuration 1: lo: <LOOPBACK> mtu 16436 qdisc noop link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: sit0: <NOARP> mtu 1480 qdisc noop link/sit 0.0.0.0 brd 0.0.0.0 3: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:40:05:3e:5c:d4 brd ff:ff:ff:ff:ff:ff inet 192.168.1.2/24 brd 192.168.1.255 scope global eth0 inet6 fe80::240:5ff:fe3e:5cd4/64 scope link valid_lft forever preferred_lft forever IP Stats 1: lo: <LOOPBACK> mtu 16436 qdisc noop link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 RX: bytes packets errors dropped overrun mcast 0 0 0 0 0 0 TX: bytes packets errors dropped carrier collsns 0 0 0 0 0 0 2: sit0: <NOARP> mtu 1480 qdisc noop link/sit 0.0.0.0 brd 0.0.0.0 RX: bytes packets errors dropped overrun mcast 0 0 0 0 0 0 TX: bytes packets errors dropped carrier collsns 0 0 0 0 0 0 3: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:40:05:3e:5c:d4 brd ff:ff:ff:ff:ff:ff RX: bytes packets errors dropped overrun mcast 227239 316 0 0 0 0 TX: bytes packets errors dropped carrier collsns 95035 349 0 0 0 0 /proc /proc/sys/net/ipv4/ip_forward = 0 /proc/sys/net/ipv4/icmp_echo_ignore_all = 0 /proc/sys/net/ipv4/conf/all/proxy_arp = 0 /proc/sys/net/ipv4/conf/all/arp_filter = 0 /proc/sys/net/ipv4/conf/all/rp_filter = 0 /proc/sys/net/ipv4/conf/all/log_martians = 0 /proc/sys/net/ipv4/conf/default/proxy_arp = 0 /proc/sys/net/ipv4/conf/default/arp_filter = 0 /proc/sys/net/ipv4/conf/default/rp_filter = 1 /proc/sys/net/ipv4/conf/default/log_martians = 0 /proc/sys/net/ipv4/conf/eth0/proxy_arp = 0 /proc/sys/net/ipv4/conf/eth0/arp_filter = 0 /proc/sys/net/ipv4/conf/eth0/rp_filter = 1 /proc/sys/net/ipv4/conf/eth0/log_martians = 0 /proc/sys/net/ipv4/conf/lo/proxy_arp = 0 /proc/sys/net/ipv4/conf/lo/arp_filter = 0 /proc/sys/net/ipv4/conf/lo/rp_filter = 0 /proc/sys/net/ipv4/conf/lo/log_martians = 0 Routing Rules 0: from all lookup local 32766: from all lookup main 32767: from all lookup default Table default: Table local: broadcast 192.168.1.0 dev eth0 proto kernel scope link src 192.168.1.2 local 192.168.1.2 dev eth0 proto kernel scope host src 192.168.1.2 broadcast 192.168.1.255 dev eth0 proto kernel scope link src 192.168.1.2 Table main: 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.2 metric 10 default via 192.168.1.1 dev eth0 metric 10 ARP ? (192.168.1.1) at 00:15:E9:25:C7:89 [ether] on eth0 Modules ip_conntrack 40824 1 iptable_nat ip_tables 20416 3 iptable_mangle,iptable_nat,iptable_filter [root@localhost rohitsz]# </edit2> i am clueless! regards, rohit. Edited July 7, 2006 by rohitsz Quote Link to comment Share on other sites More sharing options...
rohitsz Posted July 8, 2006 Author Report Share Posted July 8, 2006 Greetings there, I posted my problem at tomcat user's mailing list, and from there i got the following reply: (assuming your configs are backed up) check out modify configs at /etc/rc.d/init.d/network *AND* /etc/sysconfig/network-scripts/ifup *then do* service network restart *then ICMP ping* ping WhateverHostYouWantToPing and also this: I think you need to fix your networking issues before trying to setup tomcat. If the link you supplied is your support case, the lo network interface isn't working or properly configured. ifconfig on a console logged in as root should show the active network interfaces including at least eth0 and lo. lo should have a inet addr of 127.0.0.1. Tomcat binds it's shutdown port specifically to 127.0.0.1. If that address doesn't exist on the local system, the error below will occur. Being a newbie, i simply tried what i could understand,i could do. [root@localhost rohitsz]# service network restart Shutting down interface eth0: [ OK ] Shutting down loopback interface: [ OK ] Setting network parameters: [ OK ] Bringing up loopback interface: [ OK ] Bringing up interface sit0: [ OK ] Bringing up interface ppp0: pppd: unrecognized option 'No' pppd version 2.4.3 Usage: pppd [ options ], where options are: <device> Communicate over the named device <speed> Set the baud rate to <speed> <loc>:<rem> Set the local and/or remote interface IP addresses. Either one may be omitted. asyncmap <n> Set the desired async map to hex <n> auth Require authentication from peer connect <p> Invoke shell command <p> to set up the serial line crtscts Use hardware RTS/CTS flow control defaultroute Add default route through interface file <f> Take options from file <f> modem Use modem control lines mru <n> Set MRU value to <n> for negotiation See pppd(8) for more options. [FAILED] [root@localhost rohitsz]# ping 127.0.0.1 PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data. 64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.086 ms 64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.062 ms 64 bytes from 127.0.0.1: icmp_seq=3 ttl=64 time=0.063 ms 64 bytes from 127.0.0.1: icmp_seq=4 ttl=64 time=0.063 ms 64 bytes from 127.0.0.1: icmp_seq=5 ttl=64 time=0.062 ms 64 bytes from 127.0.0.1: icmp_seq=6 ttl=64 time=0.065 ms 64 bytes from 127.0.0.1: icmp_seq=7 ttl=64 time=0.060 ms 64 bytes from 127.0.0.1: icmp_seq=8 ttl=64 time=0.063 ms 64 bytes from 127.0.0.1: icmp_seq=9 ttl=64 time=0.062 ms --- 127.0.0.1 ping statistics --- 9 packets transmitted, 9 received, 0% packet loss, time 7999ms rtt min/avg/max/mdev = 0.060/0.065/0.086/0.008 ms [root@localhost rohitsz]# /usr/local/tomcat/bin/startup.sh Using CATALINA_BASE: /usr/local/tomcat Using CATALINA_HOME: /usr/local/tomcat Using CATALINA_TMPDIR: /usr/local/tomcat/temp Using JRE_HOME: /usr/java/jdk1.5.0_06 [root@localhost rohitsz]# From then on, things started to worked, and i have tomcat running! i asked for an explanation there, as to how it happened, i did got a reply, but i could not make anything out of it... You have correctly reconfigured your interfaces to accept traffic on Port 8080 from/to127.0.0.1-You have also correctly configured DNS/BIND entry for localhost The hard part will be to make sure your vendor doesnt muck with a working configuration.. i did not ask more anything there, as i would have been off-topic, so could someone here explain what made tomcat listen to that port and what could be the state of my firewall! thanks, rohit. Quote Link to comment Share on other sites More sharing options...
iphitus Posted July 8, 2006 Report Share Posted July 8, 2006 ping localhost doesnt work because you dont have a DNS entry assigned. the easiest way is to just add a line in /etc/hosts that points localhost to 127.0.0.1 telnet 127.0.0.1 doesnt work because you arent running telnet, no distro I know of out there installs a telnet server out of the box, let alone starts it by default. James Quote Link to comment Share on other sites More sharing options...
rohitsz Posted July 8, 2006 Author Report Share Posted July 8, 2006 (edited) Hello there, ping localhost doesnt work because you dont have a DNS entry assigned. the easiest way is to just add a line in /etc/hosts that points localhost to 127.0.0.1 telnet 127.0.0.1 doesnt work because you arent running telnet, no distro I know of out there installs a telnet server out of the box, let alone starts it by default. James here's my telnet output(for 192.168.1.1): [root@localhost rohitsz]# telnet 192.168.1.1 Trying 192.168.1.1... Connected to 192.168.1.1. Escape character is '^]'. login: root Password: BusyBox v0.61.pre (2005.08.25-07:00+0000) Built-in shell (ash) Enter 'help' for a list of built-in commands. # ls bin etc proc usr var.tar dev lib sbin var # Connection closed by foreign host. [root@localhost rohitsz]# and here's my /etc/hosts [root@localhost rohitsz]# cat /etc/hosts # generated by drakhosts 127.0.0.1 localhost [root@localhost rohitsz]# But these did not make me reach to the solution of the problem... the main command was: #service network restart that made things going for me... Still lost! rohit. Edited July 8, 2006 by rohitsz Quote Link to comment Share on other sites More sharing options...
iphitus Posted July 8, 2006 Report Share Posted July 8, 2006 telnet works to 192.168.1.1, because that's your router (hence the minimal busybox shell and filesystem), and it most probably has a telnet interface of some sort. telnet wont work on localhost until you setup a server. James Quote Link to comment Share on other sites More sharing options...
tyme Posted July 8, 2006 Report Share Posted July 8, 2006 ping localhost doesnt work because you dont have a DNS entry assigned. the easiest way is to just add a line in /etc/hosts that points localhost to 127.0.0.1 he was originally trying to ping 127.0.0.1 which should work even if he doesn't have an entry in /etc/hosts try stopping your firewall: service shorewall stop i think is the right command (either that or try firewall or iptables for the service name - i forget which is right). then try pinging and telneting - if it still doesn't work then the firewall shouldn't be your problem. Quote Link to comment Share on other sites More sharing options...
rohitsz Posted July 8, 2006 Author Report Share Posted July 8, 2006 Hello there, try stopping your firewall: service shorewall stop i think is the right command (either that or try firewall or iptables for the service name - i forget which is right). then try pinging and telneting - if it still doesn't work then the firewall shouldn't be your problem. I tried what you said,here's the output: [root@localhost rohitsz]# service iptables s save start status stop [root@localhost rohitsz]# service iptables stop Resetting built-in chains to the default ACCEPT policy: [ OK ] [root@localhost rohitsz]# ping 127.0.0.1 PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data. --- 127.0.0.1 ping statistics --- 4 packets transmitted, 0 received, 100% packet loss, time 2999ms [root@localhost rohitsz]# service shorewall stop Loading /usr/share/shorewall/functions... Processing /etc/shorewall/params ... Processing /etc/shorewall/shorewall.conf... Loading Modules... Stopping Shorewall...Processing /etc/shorewall/stop ... iptables v1.3.3: Couldn't load target `Ifw':/lib/iptables/libipt_Ifw.so: cannot open shared object file: No such file or directory Try `iptables -h' or 'iptables --help' for more information. iptables: No chain/target/match by that name iptables: No chain/target/match by that name ipset v2.2.2: Unknown set ipset v2.2.2: Unknown set WARNING: DISABLE_IPV6=Yes in shorewall.conf but this system does not appear to have ip6tables IP Forwarding Enabled Processing /etc/shorewall/stopped ... done. [root@localhost rohitsz]# ping 127.0.0.1 PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data. --- 127.0.0.1 ping statistics --- 5 packets transmitted, 0 received, 100% packet loss, time 3998ms [root@localhost rohitsz]# I still do not understand, how did this service network restart allowed tomcat to listen to port 8080. thank you all for bearing with my newbie-ness :-) rohit. Quote Link to comment Share on other sites More sharing options...
rohitsz Posted July 11, 2006 Author Report Share Posted July 11, 2006 Hello there, I still do not understand, how did this service network restart allowed tomcat to listen to port 8080. Well on more detailed examination, i figured out that the local loopback connection is the thing that is at the bottom of the problem.As the above command, disconnected me from internet also, i started to figure out a way to overcome it.. I did this: [root@localhost rohitsz]# ifup lo [root@localhost rohitsz]# And after that starting tomcat, i could see the standard tomcat page. So, how do i make these two steps automatic?? thanks, rohit. Quote Link to comment Share on other sites More sharing options...
tyme Posted July 11, 2006 Report Share Posted July 11, 2006 lo should always be brought up during boot. if it's not coming up during boot than it's definitely the source of your problems. right now i'm not at a linux pc and my memory is bad...so i can't think of what you need to check to see what's up with lo not started :lol: but i'll get back to you. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.