Date: Mon, 24 Mar 2003 03:06:25 GMT From: abc@ai1.anchorage.mtaonline.net To: Jason Hunt <leth@primus.ca> Cc: mackan <markus@markus.pp.se>, Bill Moran <wmoran@potentialtech.com>, freebsd-questions <questions@FreeBSD.ORG> Subject: Re: where packets are dropped in route Message-ID: <200303240306.h2O36PAt051819@en26.ai1.anchorage.mtaonline.net>
next in thread | raw e-mail | index | archive | help
> > > Maybe your ISP is blocking port 22 after all. nmap will tell you.
> > >
> >
> > can nmap (which i don't have installed) tell me more
> > than telnet - as far as a where a specific IP/port packet
> > is being blocked/dropped?
> >
>
> If you mean where along the path it is getting dropped, no. Other than
> what you have tried so far with traceroute, I don't believe there is
> really any way to tell WHERE certain ports are being dropped. For all
> you know, there could be a transparent firewall that drops the packet
> and does not send back an ICMP notification.
>
> Hope this helps.
to finish the thread nicely, this is the result of nmap (-P0 required):
$ nmap -p 22 -P0 -sA MY-GW-IP
Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
Interesting ports on (MY-GW-IP):
Port State Service
22/tcp filtered ssh
Nmap run completed -- 1 IP address (1 host up) scanned in 36 seconds
$ nmap -p 22 -P0 -sW MY-GW-IP
Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
Interesting ports on (MY-GW-IP):
Port State Service
22/tcp filtered ssh
Nmap run completed -- 1 IP address (1 host up) scanned in 37 seconds
---
"filtered" means that nmap(1) cannot determine if a port
is open or closed - because it can't reach it, the
traceroute(8) utility confirms (i guess):
---
$ traceroute -p 22 -P tcp 12.17.140.247
1 1-118-237-24 (24.237.118.1) 150.900 ms 226.750 ms 99.080 ms
2 177-48-96-206 (206.96.48.177) 109.873 ms 118.265 ms 109.982 ms
3 81-128-165-209 (209.165.128.81) 129.754 ms 108.081 ms 129.900 ms
4 9-128-165-209 (209.165.128.9) 99.918 ms 108.252 ms *
5 202-129-165-209 (209.165.129.202) 140.307 ms 128.159 ms 129.912 ms
6 213-129-165-209 (209.165.129.213) 129.899 ms 128.249 ms 129.883 ms
7 sl-gw11-sea-0-2.sprintlink.net (144.228.93.233) 129.916 ms 247.420 ms 119.160 ms
8 sl-bb21-sea-9-3.sprintlink.net (144.232.6.117) 129.923 ms 129.112 ms 129.866 ms
9 sprint-gw.st6wa.ip.att.net (192.205.32.173) 129.941 ms 236.239 ms 129.925 ms
10 gbr4-p40.st6wa.ip.att.net (12.123.44.134) 129.878 ms 276.170 ms 129.826 ms
11 gbr1-p40.st6wa.ip.att.net (12.122.5.162) 129.890 ms 128.086 ms 129.896 ms
12 gar1-p360.st6wa.ip.att.net (12.123.44.58) 139.894 ms 128.144 ms 129.860 ms
13 12.123.203.1 (12.123.203.1) 159.911 ms 159.252 ms 159.929 ms
14 12.124.174.58 (12.124.174.58) 159.894 ms 179.251 ms 189.900 ms
15 12.17.140.1 159.916 ms 219.640 ms 169.925 ms
16 * * *
** TCP SSH port blocked by 12.17.140.1
$ traceroute -p 22 -P udp 12.17.140.247
1 1-118-237-24 (24.237.118.1) 140.974 ms 96.948 ms 109.883 ms
2 177-48-96-206 (206.96.48.177) 99.909 ms 108.272 ms 100.431 ms
3 81-128-165-209 (209.165.128.81) 109.347 ms 98.296 ms 99.874 ms
4 9-128-165-209 (209.165.128.9) 99.923 ms 98.214 ms 99.894 ms
5 202-129-165-209 (209.165.129.202) 129.904 ms 128.249 ms 130.284 ms
6 * * 213-129-165-209 (209.165.129.213) 130.333 ms
7 sl-gw11-sea-0-2.sprintlink.net (144.228.93.233) 128.730 ms 127.648 ms 129.876 ms
8 sl-bb21-sea-9-3.sprintlink.net (144.232.6.117) 129.907 ms 128.742 ms 129.378 ms
9 * sprint-gw.st6wa.ip.att.net (192.205.32.173) 180.893 ms 127.553 ms
10 gbr4-p40.st6wa.ip.att.net (12.123.44.134) 129.917 ms 127.873 ms 130.271 ms
11 gbr1-p40.st6wa.ip.att.net (12.122.5.162) 129.555 ms 128.079 ms 130.012 ms
12 gar1-p360.st6wa.ip.att.net (12.123.44.58) 130.377 ms 127.471 ms 129.905 ms
13 12.123.203.1 (12.123.203.1) 159.890 ms 158.353 ms 180.235 ms
14 12.124.174.58 (12.124.174.58) 329.566 ms 198.359 ms 219.902 ms
15 12.17.140.1 170.460 ms 169.097 ms 159.951 ms
16 MY-GW-IP 339.902 ms 329.998 ms 259.590 ms
** UDP SSH port available (but a UDP connection is useless on port 22).
---
thank you all for your assistance and knowledge.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200303240306.h2O36PAt051819>