# No network accessibility from command line

## lyonsd

This is weird.  I have networking.  I am posting and can access the Internet via HTTP.

But I can't ping anything from the command line.

```

# ifconfig

eth0      Link encap:Ethernet  HWaddr 00:16:36:9E:AF:D9

          inet addr:192.168.38.95  Bcast:192.168.38.255  Mask:255.255.255.0

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:47923 errors:0 dropped:0 overruns:0 frame:0

          TX packets:18262 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000

          RX bytes:46101434 (43.9 Mb)  TX bytes:1624066 (1.5 Mb)

          Interrupt:22 Base address:0x8000

lo        Link encap:Local Loopback

          inet addr:127.0.0.1  Mask:255.0.0.0

          UP LOOPBACK RUNNING  MTU:16436  Metric:1

          RX packets:8 errors:0 dropped:0 overruns:0 frame:0

          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:400 (400.0 b)  TX bytes:400 (400.0 b)

```

```

# ping google.com

PING google.com (64.233.167.99) 56(84) bytes of data.

```

emerge times out too.

No FTP to external sites either.

What's going on here?

----------

## JRV

 *lyonsd wrote:*   

> This is weird.  I have networking.  I am posting and can access the Internet via HTTP.
> 
> But I can't ping anything from the command line.
> 
> ...
> ...

 

Are you behind a firewall that forbids anything but HTTP? Is your browser using a proxy? Does

```
$ telnet www.google.com 80
```

work?

----------

## bLUEbYTE84

Check two things:

1- /etc/resolv.conf includes a line: nameserver a.b.c.d (your modem or router)

2- /etc/conf.d/net includes a line: routes_eth0=("default gw a.b.c.d") (your modem or router)

----------

## JRV

 *bLUEbYTE84 wrote:*   

> Check two things:
> 
> 1- /etc/resolv.conf includes a line: nameserver a.b.c.d (your modem or router)
> 
> 2- /etc/conf.d/net includes a line: routes_eth0=("default gw a.b.c.d") (your modem or router)

 

1- According to his post, google.com resolves just fine

2- Might really be missing (perhaps he's using a web proxy, which is why HTTP seems to be working)

Please give the outputs of:

```
$ route -n

$ env
```

----------

## lyonsd

[quote="JRV"] *lyonsd wrote:*   

> 
> 
> Are you behind a firewall that forbids anything but HTTP? Is your browser using a proxy? Does
> 
> ```
> ...

 

Yes, I am behind a firewall, but it has always worked before.

Yes, I can telnet to google.

 *JRV wrote:*   

>  *bLUEbYTE84 wrote:*   Check two things:
> 
> 1- /etc/resolv.conf includes a line: nameserver a.b.c.d (your modem or router)
> 
> 2- /etc/conf.d/net includes a line: routes_eth0=("default gw a.b.c.d") (your modem or router) 
> ...

 

```

$ route -n

Kernel IP routing table

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

192.168.38.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0

192.133.204.0   0.0.0.0         255.255.255.0   U     2000   0        0 wlan0

127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo

0.0.0.0         192.168.38.254  0.0.0.0         UG    0      0        0 eth0

0.0.0.0         192.133.204.254 0.0.0.0         UG    2000   0        0 wlan0

```

```

# env

MANPATH=/usr/local/share/man:/usr/share/man:/usr/share/binutils-data/i686-p     ux-gnu/2.17/man:/usr/share/gcc-data/i686-pc-linux-gnu/3.4.6/man:/usr/share/     ata/i686-pc-linux-gnu/3.4.6/man:/opt/ati/man:/opt/sun-jdk-1.4.2.13/man:/etc     -config/system-vm/man/:/usr/qt/3/doc/man:/opt/vmware/server/man

KDEWM=kwin

SHELL=/bin/bash

TERM=rxvt

QTDIR=/usr/qt/3

ANT_HOME=/usr/share/ant-core

USER=root

LS_COLORS=no=00:fi=00:di=01;34:ln=01;36:pi=40;33:so=01;35:do=01;35:bd=40;33     d=40;33;01:or=01;05;37;41:mi=01;05;37;41:su=37;41:sg=30;43:tw=30;42:ow=34;4     37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arj=01;31:*.taz=01;31:*.lzh=01;31:     =01;31:*.z=01;31:*.Z=01;31:*.gz=01;31:*.bz2=01;31:*.bz=01;31:*.tbz2=01;31:*     1;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.rar=01;31:*.ace=01;31:*.zoo=01;3     pio=01;31:*.7z=01;31:*.rz=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=     :*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.     1;35:*.tiff=01;35:*.png=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;     mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp     ;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*     =01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;3     wd=01;35:*.yuv=01;35:*.pdf=00;32:*.ps=00;32:*.txt=00;32:*.patch=00;32:*.dif     32:*.log=00;32:*.tex=00;32:*.doc=00;32:*.aac=00;36:*.au=00;36:*.flac=00;36:     =00;36:*.midi=00;36:*.mka=00;36:*.mp3=00;36:*.mpc=00;36:*.ogg=00;36:*.ra=00     .wav=00;36:

PRELINK_PATH_MASK=/usr/lib/gstreamer-0.10:/usr/lib/gstreamer-0.8

LIBGL_DRIVERS_PATH=::/usr/lib/xorg/modules/dri::/usr/lib/xorg/modules/dri

GDK_USE_XFT=1

CPATH=/usr/include/libffi

CONFIG_PROTECT_MASK=/etc/env.d /etc/env.d/java/ /etc/gconf /etc/java-config      /etc/revdep-rebuild /etc/terminfo

VMHANDLE=sun-jdk-1.4

PAGER=/usr/bin/less

FLTK_DOCDIR=/usr/share/doc/fltk-1.1.7/html

PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin:     i686-pc-linux-gnu/gcc-bin/3.4.6:/opt/ati/bin:/opt/ati/sbin:/opt/sun-jdk-1.4     /bin:/opt/sun-jdk-1.4.2.13/jre/bin:/opt/sun-jdk-1.4.2.13/jre/javaws:/usr/kd     /sbin:/usr/kde/3.5/bin:/usr/qt/3/bin:/opt/vmware/server/bin:/var/qmail/bin

PWD=/root

JAVA_HOME=/etc/java-config-2/current-system-vm

GENERATION=2

EDITOR=/usr/bin/vim

JAVAC=/etc/java-config-2/current-system-vm/bin/javac

KDEDIRS=/usr/kde/3.5:/usr:/usr/local

QMAKESPEC=linux-g++

PS1=\[\e]2;\u@\H:\w (\l) \d \t\a\e[31;1m\][\j,\!]#\[\e[0m\]

HISTCONTROL=ignoredups

JDK_HOME=/etc/java-config-2/current-system-vm

SHLVL=1

HOME=/root

JAVACC_HOME=/usr/share/javacc/

QMAIL_CONTROLDIR=/var/qmail/control

LESS=-R -M --shift 5

G_FILENAME_ENCODING=UTF-8

PYTHONPATH=/usr/lib/portage/pym

LOGNAME=root

GCC_SPECS=

CVS_RSH=ssh

CLASSPATH=.

PKG_CONFIG_PATH=/usr/qt/3/lib/pkgconfig

LESSOPEN=|lesspipe.sh %s

INFOPATH=/usr/share/info:/usr/share/binutils-data/i686-pc-linux-gnu/2.17/in     sr/share/gcc-data/i686-pc-linux-gnu/3.4.6/info:/usr/share/gcc-data/i686-pc-     -gnu/3.4.6/info

DISPLAY=:1.0

USB_DEVFS_PATH=/dev/bus/usb

OPENGL_PROFILE=xorg-x11

SANE_CONFIG_DIR=/etc/sane.d

LDPATH=/usr/local/lib://usr//lib/opengl/xorg-x11/lib:/usr/i686-pc-linux-gnu     /usr/lib/gcc/i686-pc-linux-gnu/3.4.6:/usr/lib/gcc/i686-pc-linux-gnu/4.1.1:/     ib/nspr:/usr/lib/nss:/usr/lib/seamonkey:/usr/lib/openmotif-2.2:/opt/sun-jdk     2.13/jre/lib/i386/:/opt/sun-jdk-1.4.2.13/jre/lib/i386/native_threads/:/opt/     dk-1.4.2.13/jre/lib/i386/classic/:/opt/sun-jdk-1.4.2.13/jre/lib/i386/server     r/lib/qt4:/usr/kde/3.5/lib:/usr/qt/3/lib:/usr/games/lib:/usr/lib/fltk-1.1:/     ib/libffi:/usr/lib/libstdc++-v3/

G_BROKEN_FILENAMES=1

CONFIG_PROTECT=/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5     down /usr/share/X11/app-defaults /usr/share/X11/xkb /usr/share/config /var/     /alias /var/qmail/control

XAUTHORITY=/root/.xauthQGZq4h

_=/usr/bin/env

```

----------

## lyonsd

As far as http & the browser goes, it's set to "direct connection to internet".

----------

## bLUEbYTE84

So, did you check your config files(mentioned above)?

----------

## JRV

 *bLUEbYTE84 wrote:*   

> So, did you check your config files(mentioned above)?

 

No need, his name resolution is working and he has a default gateway. You can see this in the routing table and from the fact that he can telnet to Google's port 80... so a ping and maybe FTP are getting blocked?

----------

## bLUEbYTE84

 *JRV wrote:*   

>  *bLUEbYTE84 wrote:*   So, did you check your config files(mentioned above)? 
> 
> No need, his name resolution is working and he has a default gateway. You can see this in the routing table and from the fact that he can telnet to Google's port 80... so a ping and maybe FTP are getting blocked?

 

Right, my bad  :Smile: 

----------

## JRV

What kind of mirror are you using for portage?

```
$ grep GENTOO_MIRRORS /etc/make.conf
```

If you are using an FTP mirror, try an HTTP one and see if that works... if yes, FTP is probably blocked.

----------

## lyonsd

 *JRV wrote:*   

> What kind of mirror are you using for portage?
> 
> ```
> $ grep GENTOO_MIRRORS /etc/make.conf
> ```
> ...

 

GENTOO_MIRRORS="http://gentoo.osuosl.org/ http://adelie.polymtl.ca/ http://csociety-ftp.ecn.purdue.edu/pub/gentoo/ http://gentoo.chem.wisc.edu/gentoo/ http://cudlug.cudenver.edu/gentoo/ http://gentoo.mirrors.pair.com/ http://gentoo.ccccom.com http://mirror.clarkson.edu/pub/distributions/gentoo/ http://open-systems.ufl.edu/mirrors/gentoo http://gentoo.binarycompass.org http://mirror.datapipe.net/gentoo/ http://dev.gentoo.org"

----------

## JRV

Ok, wait. Does emerge fail while trying to emerge an ebuild or does is fail while doing a --sync (the rsync protocol gets blocked by your firewall)? How does it fail?

----------

## lyonsd

Now I'm at the college and it's working fine.

```

# route -n 

Kernel IP routing table

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

10.3.0.0        0.0.0.0         255.255.254.0   U     2000   0        0 wlan0

127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo

0.0.0.0         10.3.0.1        0.0.0.0         UG    2000   0        0 wlan0

```

I supposed it definitely has something to do with the setup at work.

----------

## lyonsd

 *JRV wrote:*   

> Ok, wait. Does emerge fail while trying to emerge an ebuild or does is fail while doing a --sync (the rsync protocol gets blocked by your firewall)? How does it fail?

 

rsync is blocked.  I can't connect to anything from a unix prompt.  Can't ping anything.  Can't FTP anywhere.  Nothing.

But...hostnames seem to get resolved to IP addresses correctly.

----------

## JRV

 *lyonsd wrote:*   

>  *JRV wrote:*   Ok, wait. Does emerge fail while trying to emerge an ebuild or does is fail while doing a --sync (the rsync protocol gets blocked by your firewall)? How does it fail? 
> 
> rsync is blocked.  I can't connect to anything from a unix prompt.  Can't ping anything.  Can't FTP anywhere.  Nothing.

 

Ok, so the only port (you tried) which isn't blocked seems to be port 80. So it's most definitely a firewall/gateway thing. Who is administering the firewall or is it your own? Are you using netfilter/iptables on the host itself?

 *Quote:*   

> But...hostnames seem to get resolved to IP addresses correctly.

 

Either UDP port 53 (domain) is still allowed or you are using an internal nameserver (for example, in your gateway). Ok, which nameserver is set in the /etc/resolv.conf (maybe that's interesting after all).

----------

## rlittle

If is IS a firewall and you can't get the rules changed (as in my situation), you can always

```
emerge-webrsync
```

----------

