From owner-freebsd-questions Sun Mar 23 19: 5: 4 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8B8FC37B401 for ; Sun, 23 Mar 2003 19:05:01 -0800 (PST) Received: from ai1.anchorage.mtaonline.net (ai1.anchorage.mtaonline.net [12.17.140.247]) by mx1.FreeBSD.org (Postfix) with ESMTP id A921643F75 for ; Sun, 23 Mar 2003 19:04:59 -0800 (PST) (envelope-from abc@ai1.anchorage.mtaonline.net) Received: from en26.ai1.anchorage.mtaonline.net (root@printer [192.168.0.26]) by ai1.anchorage.mtaonline.net (8.12.6/8.12.6) with ESMTP id h2O34mB0049038; Sun, 23 Mar 2003 18:04:48 -0900 (AKST) (envelope-from abc@ai1.anchorage.mtaonline.net) Received: (from abc@localhost) by en26.ai1.anchorage.mtaonline.net (8.12.6/8.12.6) id h2O36PAt051819; Mon, 24 Mar 2003 03:06:25 GMT (envelope-from abc@ai1.anchorage.mtaonline.net) Date: Mon, 24 Mar 2003 03:06:25 GMT From: abc@ai1.anchorage.mtaonline.net Message-Id: <200303240306.h2O36PAt051819@en26.ai1.anchorage.mtaonline.net> X-Authentication-Warning: en26.ai1.anchorage.mtaonline.net: abc set sender to abc@ai1.anchorage.mtaonline.net using -f To: Jason Hunt Cc: mackan , Bill Moran , freebsd-questions Subject: Re: where packets are dropped in route Reply-To: X-Mailer: Umail v2.9.4 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > > > Maybe your ISP is blocking port 22 after all. nmap will tell you. > > > > > > > can nmap (which i don't have installed) tell me more > > than telnet - as far as a where a specific IP/port packet > > is being blocked/dropped? > > > > If you mean where along the path it is getting dropped, no. Other than > what you have tried so far with traceroute, I don't believe there is > really any way to tell WHERE certain ports are being dropped. For all > you know, there could be a transparent firewall that drops the packet > and does not send back an ICMP notification. > > Hope this helps. to finish the thread nicely, this is the result of nmap (-P0 required): $ nmap -p 22 -P0 -sA MY-GW-IP Starting nmap V. 3.00 ( www.insecure.org/nmap/ ) Interesting ports on (MY-GW-IP): Port State Service 22/tcp filtered ssh Nmap run completed -- 1 IP address (1 host up) scanned in 36 seconds $ nmap -p 22 -P0 -sW MY-GW-IP Starting nmap V. 3.00 ( www.insecure.org/nmap/ ) Interesting ports on (MY-GW-IP): Port State Service 22/tcp filtered ssh Nmap run completed -- 1 IP address (1 host up) scanned in 37 seconds --- "filtered" means that nmap(1) cannot determine if a port is open or closed - because it can't reach it, the traceroute(8) utility confirms (i guess): --- $ traceroute -p 22 -P tcp 12.17.140.247 1 1-118-237-24 (24.237.118.1) 150.900 ms 226.750 ms 99.080 ms 2 177-48-96-206 (206.96.48.177) 109.873 ms 118.265 ms 109.982 ms 3 81-128-165-209 (209.165.128.81) 129.754 ms 108.081 ms 129.900 ms 4 9-128-165-209 (209.165.128.9) 99.918 ms 108.252 ms * 5 202-129-165-209 (209.165.129.202) 140.307 ms 128.159 ms 129.912 ms 6 213-129-165-209 (209.165.129.213) 129.899 ms 128.249 ms 129.883 ms 7 sl-gw11-sea-0-2.sprintlink.net (144.228.93.233) 129.916 ms 247.420 ms 119.160 ms 8 sl-bb21-sea-9-3.sprintlink.net (144.232.6.117) 129.923 ms 129.112 ms 129.866 ms 9 sprint-gw.st6wa.ip.att.net (192.205.32.173) 129.941 ms 236.239 ms 129.925 ms 10 gbr4-p40.st6wa.ip.att.net (12.123.44.134) 129.878 ms 276.170 ms 129.826 ms 11 gbr1-p40.st6wa.ip.att.net (12.122.5.162) 129.890 ms 128.086 ms 129.896 ms 12 gar1-p360.st6wa.ip.att.net (12.123.44.58) 139.894 ms 128.144 ms 129.860 ms 13 12.123.203.1 (12.123.203.1) 159.911 ms 159.252 ms 159.929 ms 14 12.124.174.58 (12.124.174.58) 159.894 ms 179.251 ms 189.900 ms 15 12.17.140.1 159.916 ms 219.640 ms 169.925 ms 16 * * * ** TCP SSH port blocked by 12.17.140.1 $ traceroute -p 22 -P udp 12.17.140.247 1 1-118-237-24 (24.237.118.1) 140.974 ms 96.948 ms 109.883 ms 2 177-48-96-206 (206.96.48.177) 99.909 ms 108.272 ms 100.431 ms 3 81-128-165-209 (209.165.128.81) 109.347 ms 98.296 ms 99.874 ms 4 9-128-165-209 (209.165.128.9) 99.923 ms 98.214 ms 99.894 ms 5 202-129-165-209 (209.165.129.202) 129.904 ms 128.249 ms 130.284 ms 6 * * 213-129-165-209 (209.165.129.213) 130.333 ms 7 sl-gw11-sea-0-2.sprintlink.net (144.228.93.233) 128.730 ms 127.648 ms 129.876 ms 8 sl-bb21-sea-9-3.sprintlink.net (144.232.6.117) 129.907 ms 128.742 ms 129.378 ms 9 * sprint-gw.st6wa.ip.att.net (192.205.32.173) 180.893 ms 127.553 ms 10 gbr4-p40.st6wa.ip.att.net (12.123.44.134) 129.917 ms 127.873 ms 130.271 ms 11 gbr1-p40.st6wa.ip.att.net (12.122.5.162) 129.555 ms 128.079 ms 130.012 ms 12 gar1-p360.st6wa.ip.att.net (12.123.44.58) 130.377 ms 127.471 ms 129.905 ms 13 12.123.203.1 (12.123.203.1) 159.890 ms 158.353 ms 180.235 ms 14 12.124.174.58 (12.124.174.58) 329.566 ms 198.359 ms 219.902 ms 15 12.17.140.1 170.460 ms 169.097 ms 159.951 ms 16 MY-GW-IP 339.902 ms 329.998 ms 259.590 ms ** UDP SSH port available (but a UDP connection is useless on port 22). --- thank you all for your assistance and knowledge. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message