iptables fubared?

NOSpaze nospaze at gmail.com
Fri Oct 5 06:27:51 UTC 2012


On Thu, 2012-10-04 at 15:00 -0700, Mark Space wrote:
> I tried this with tcpdump running on the server.  It surprised me when I 
> saw tcpdump respond.  Firefox still says "cannot connect" from an 
> external workstation, but my server is seeing something at least.
> 
> I won't bore you with all of it, but here's the first bit:
> 
> $ sudo  tcpdump -i eth0 -n "port 80"
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
> 21:54:16.482166 IP 99.92.208.198.52890 > 10.211.163.215.http: Flags [S], 
> seq 2014763367, win 8192, options [mss 1460,nop,wscale 
> 2,nop,nop,sackOK], length 0
> 21:54:16.482251 IP 10.211.163.215.http > 99.92.208.198.52890: Flags 
> [R.], seq 0, ack 2014763368, win 0, length 0
> 21:54:16.731133 IP 99.92.208.198.52891 > 10.211.163.215.http: Flags [S], 
> seq 1148493083, win 8192, options [mss 1460,nop,wscale 
> 2,nop,nop,sackOK], length 0
> 21:54:16.731183 IP 10.211.163.215.http > 99.92.208.198.52891: Flags 
> [R.], seq 0, ack 1148493084, win 0, length 0
> 21:54:17.080885 IP 99.92.208.198.52890 > 10.211.163.215.http: Flags [S], 
> seq 2014763367, win 8192, options [mss 1460,nop,wscale 
> 2,nop,nop,sackOK], length 0
> ....{{ sinpage }}....
> ^C
> 36 packets captured
> 36 packets received by filter
> 0 packets dropped by kernel
> 
> The server appears to be trying to give a response. (99.92.208.198 is my 
> workstation external IP address).  It's like FF can't get the response.  
> Hmm.

Ok. Did you check you can ping? First, routing, second, transport (ISO
layers 3, then 4, then 5, then 6, then 7).

Instead of Firefox, use telnet (from Windows or Linux), this way:

telnet my.ip.addr.ess 80

then write

GET / 
(press ENTER TWICE)

You should see html code.

:)
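
The telnet test described above, as an added example that is not part of the original post: a Python probe that opens the TCP connection, sends the bare `GET /`, and reports whether the connect was refused (the `[S]` answered by `[R.]` pattern in the quoted capture), got no reply, or returned data. The function name `probe_http` and the verdict strings are assumptions of this example.

```python
import socket
import sys


def probe_http(host, port=80, timeout=5.0):
    """One TCP connect plus a bare 'GET /'; returns (verdict, detail)."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        # The SYN was actively rejected, e.g. by a RST like the [R.] replies
        # in the capture: nothing is listening, or a firewall rule resets it.
        return ("refused", "connection actively rejected by the server side")
    except socket.timeout:
        # No answer to the SYN at all: packet dropped, or no return path.
        return ("no-reply", "no answer to the connection attempt")
    except OSError as exc:
        # Routing and name-resolution failures end up here (layer 3 first).
        return ("error", str(exc))

    chunks, total = [], 0
    with sock:
        sock.settimeout(timeout)
        # Same bytes as typing 'GET /' and pressing ENTER twice in telnet.
        sock.sendall(b"GET /\r\n\r\n")
        try:
            while total < 65536:
                data = sock.recv(4096)
                if not data:          # server closed the connection
                    break
                chunks.append(data)
                total += len(data)
        except (socket.timeout, ConnectionResetError):
            pass                      # keep whatever arrived before the stall

    body = b"".join(chunks)
    if not body:
        return ("open-silent", "handshake completed but no data came back")
    # First 200 bytes are enough to recognise HTML or an HTTP status line.
    return ("open", body[:200].decode("latin-1"))


if __name__ == "__main__":
    if len(sys.argv) < 2:
        sys.exit("usage: probe.py HOST [PORT]")
    target_port = int(sys.argv[2]) if len(sys.argv) > 2 else 80
    verdict, detail = probe_http(sys.argv[1], target_port)
    print(verdict + ": " + detail)
```

Run it from the external workstation against the server's public address; a `refused` verdict there points at the listener or a rejecting firewall rule rather than at the browser.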


