Dnia 2016-06-06, pon o godzinie 11:26 -0500, David Wright pisze: > On Mon 06 Jun 2016 at 18:11:27 (+0200), Norbert Kiszka wrote: > > Dnia 2016-06-06, pon o godzinie 11:00 -0500, David Wright pisze: > > > On Mon 06 Jun 2016 at 15:27:16 (+0000), Mark Fletcher wrote: > > > > On Mon, 6 Jun 2016 at 23:15, Santiago Vila <sanv...@unex.es> wrote: > > > > > > > > > On Mon, Jun 06, 2016 at 10:06:54AM +1200, Jan Bakuwel wrote: > > > > > > Check your firewall rules. > > > > > > > > > > It can't be firewall rules. Try this to block outgoing ping: > > > > > > > > > > iptables -A OUTPUT -p icmp --icmp-type echo-request -j REJECT > > > > > > > > > > then try to ping anywhere. You will get a different error message, > > > > > namely "Destination Port Unreachable". > > > > > > > > > > [ Why people do not read all messages in the thread before answering > > > > > is a mystery to me ]. > > > > > > > No, that's not true, you definitely can get this very error due to > > > > something to do with the firewall, maybe it's not able to resolve the > > > > ping > > > > target rather than not able to reach the resulting host, I'm damned if I > > > > can remember the specifics but I've definitely seen this happen on an > > > > lfs > > > > box before and it was nothing to do with perms (as I said before, to > > > > your > > > > point about people not reading the whole thread...) > > > > > > I don't understand this argument. > > > > > > Why would ping bother to open a socket to a host it couldn't resolve? > > > > > > I know precious little about firewall rules, but AIUI the rules > > > determine whether to respond with things like Drop, Reject, Deny. > > > Now the OP didn't manage to open a socket; that's in the error message: > > > "ping: icmp open socket: Operation not permitted" > > > So how would ping find out how the firewall was going to react to its > > > ping message without opening a socket to send something? > > > > Did You change linux kernel, kernel modules or something lastly? > > I now know even less about what you're talking about. I don't have a > problem. I have easily duplicated the OP's error message in the > following way: > > $ cp -ip /bin/ping /tmp > $ /tmp/ping alum.local > ping: icmp open socket: Operation not permitted > $ /sbin/getcap /tmp/ping > $ /sbin/getcap /bin/ping > /bin/ping = cap_net_raw+ep > $ > > That's jessie. On wheezy: > > $ ls -l /bin/ping /tmp/ping > -rwsr-xr-x 1 root root 31104 Apr 12 2011 /bin/ping > -rwxr-xr-x 1 david david 31104 Apr 12 2011 /tmp/ping > > Cheers, > David. >
Show output of those commands: # iptables -L # lsmod $ uname -a $ cat /etc/issue
