# netstat -antp | grep apach
tcp        0      0 192.168.1.250:80        0.0.0.0:*               LISTEN      25577/apache2

# tcpdump -n -i eth0 host 192.168.1.6 and port not 22
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
21:10:57.011994 IP 192.168.1.6.46161 > 192.168.1.250.80: S 4279617058:4279617058(0) win 14600 <mss 1460,sackOK,timestamp 7007662 0,nop,wscale 6>
21:10:57.037227 IP 192.168.1.250 > 192.168.1.6: ICMP host 192.168.1.250 unreachable - admin prohibited filter, length 36
21:11:06.157052 IP 192.168.1.6.46162 > 192.168.1.250.80: S 3082744432:3082744432(0) win 14600 <mss 1460,sackOK,timestamp 7016807 0,nop,wscale 6>
21:11:06.182781 IP 192.168.1.250 > 192.168.1.6: ICMP host 192.168.1.250 unreachable - admin prohibited filter, length 36

SSH works. Connection from the same client to a third Gentoo box running a webserver works. Anyone seen this behavior? There's no iptables, and the hosts are Gentoo and on the same subnet. I've only seen admin prohibited ICMP from filtering by Cisco ACLs - what could be the problem?