Submitted by M.Tag on Tue, 24/05/2005 - 14:28.
( categories: )

Salamoo Alikoo,
The internet was browsed on Mandrake Linux 10.1, The PC was turned off, on the morning the internet is off and may be browse the Google main page and search but the results couldn't be open, no other sits browsed.
I tried again then yahoo.com opened just only the main page no links work and google can't be browsed. after some times no site can be browsed, and so on.

Note:


- I use the Konquerer and firefox. (same result)
- The Linux machine can ping successfully to sites.
- I used FTP from Linux to another Linux Machine on the LAN and no problem.
- Linux machines haven't any error over the LAN.
- This was happened for all linux machine in the LAN.
- Some machines jus run after fresh installation.
- The other machines were working before.
- Some Machines contain Windows And Linux, Windows browsed the internet on the same machine Linux failed in browsing
- The LAN contains windows machines also

Please, help me
Thanks

what's the output of: ifco

MSameer's picture

what's the output of:

ifconfig -a

route -n


-- I was known as Uniball!
WWW: The place for organized randoms!
Quote "c u next life time then when i come back as a mug of tea :P"

dns

ramez.hanna's picture

seems to me like a DNS problem, as Msameer said check the output of 'route -n' it shoulbe something like this


[rhanna@rhanna ~]$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.0.0.0        0.0.0.0         255.0.0.0       U     0      0        0 eth0
0.0.0.0         10.0.0.2        0.0.0.0         UG    0      0        0 eth0

if the last line isn't there then you can do


route add default gw "router_ip"

the best things in life are free --- so is myself

Here you are

There are the output of the commands:

 ifconfig -a 
eth1      Link encap:Ethernet  HWaddr 00:02:44:7F:91:B7
          inet addr:192.168.1.200  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::202:44ff:fe7f:91b7/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:613822 errors:0 dropped:0 overruns:0 frame:0
          TX packets:606637 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:547158808 (521.8 Mb)  TX bytes:525133336 (500.8 Mb)
          Interrupt:18 Base address:0xb800
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:149504 errors:0 dropped:0 overruns:0 frame:0
          TX packets:149504 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:27031796 (25.7 Mb)  TX bytes:27031796 (25.7 Mb)
sit0      Link encap:IPv6-in-IPv4
          NOARP  MTU:1480  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

The second command is :

route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 eth1

What about Viruses and Worms?

I can think it may be a virus or a worm.
I faced this problem before with windows, it was a worm, so why not in Linux?
OK, anyway can you send me an open source and free cost antivirus for Linux, or How can i scan online my Linux machine from virus?.
I need an Antivirus regardless my problem.
Thanks.

Virus???

Conceptor's picture

can you ping your dns server?

what is the entries on resolve.conf?

how did u get this ip static or DHCP?

are you sure there is no invalid proxy setting or there un configured proxy?

Diaa Radwan

do not confuse linux with win

ramez.hanna's picture

do not confuse linux with windows and jump to conclusions.
do #dig eglug.org or #resolveip eglug.org ?


[rhanna@rhanna ~]$ resolveip eglug.org
IP address of eglug.org is 209.135.157.57

[rhanna@rhanna ~]$ dig eglug.org

; <<>> DiG 9.2.5 <<>> eglug.org
;; global options:  printcmd
;; Got answer:
;; ->>HEADER opcode: QUERY, status: NOERROR, id: 38004
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;eglug.org.                     IN      A

;; ANSWER SECTION:
eglug.org.              7176    IN      A       209.135.157.57

;; AUTHORITY SECTION:
eglug.org.              81400   IN      NS      ns17.zoneedit.com.
eglug.org.              81400   IN      NS      ns13.zoneedit.com.

;; ADDITIONAL SECTION:
ns17.zoneedit.com.      167555  IN      A       209.126.159.118
ns13.zoneedit.com.      167464  IN      A       216.122.4.160

;; Query time: 289 msec
;; SERVER: 10.0.0.2#53(10.0.0.2)
;; WHEN: Tue May 24 17:45:59 2005
;; MSG SIZE  rcvd: 125

if both work then it's not a DNS problem and we should consider other problems.
i don't think it's a worm or a virus, but there is clamav and aegis antivirus programs.
by the way is there any other PCs on the same lan that can browse the internet correctly?


the best things in life are free --- so as myself

I am not good at all in netwo

I am not good at all in networking stuff but i faced problem like this with my laptop that happen when I assign static IP first try /usr/sbin/drakconnect thats will help you to reconfigure your network after you finish see if your connection work or not.

I don't think it is a DNS problem

I run These commands and this is what i got

dig eglug.org

The output is:

; <<>> DiG 9.3.0 <<>> eglug.org
global options
printcmd
Got answer
->>HEADER opcode
QUERY, status: NOERROR, id: 65309
flags
qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
QUESTION SECTION
;eglug.org. IN A
ANSWER SECTION
eglug.org. 7200 IN A 209.135.157.57
AUTHORITY SECTION
eglug.org. 4808 IN NS ns13.zoneedit.com. eglug.org. 4808 IN NS ns17.zoneedit.com.
ADDITIONAL SECTION
ns13.zoneedit.com. 79789 IN A 216.122.4.160 ns17.zoneedit.com. 84716 IN A 209.126.159.118
Query time
276 msec
SERVER
192.168.1.1#53(192.168.1.1)
WHEN
Wed May 25 09:31:36 2005
MSG SIZE rcvd
134

The second command is:

resolveip eglug.org

The output is:

IP address of eglug.org is 209.135.157.57

Thanks

OK so it's not a DNS thing, h

ramez.hanna's picture

OK so it's not a DNS thing, hmmmm . . .
ok i need to know if their are other PCs on the network that can access the net? do #traceroute google.com and see where it stops?


the best things in life are free --- so as myself

traceroute google.com

The output is:

traceroute to google.com (216.239.39.99), 30 hops max, 38 byte packets
 1  mygateway.ar7 (192.168.1.1)  0.575 ms  0.517 ms  0.711 ms
 2  82.201.233.254 (82.201.233.254)  9.140 ms  12.751 ms  9.577 ms
 3  172.20.1.33 (172.20.1.33)  7.037 ms  6.150 ms  6.579 ms
 4  172.18.1.201 (172.18.1.201)  6.777 ms  6.503 ms  6.847 ms
 5  500.POS2 (157.130.18.137)  146.917 ms  147.156 ms 62.216.146.129 (62.216.146.129)  85.893 ms
 6  0.so (152.63.24.46)  162.093 ms so (62.216.128.198)  85.834 ms  85.861 ms
 7  0.so (152.63.21.81)  149.682 ms ge3 (195.66.224.76)  86.974 ms 0.so (152.63.21.81)  147.389 ms
 8  pos3 (208.184.231.73)  160.014 ms so (4.68.111.29)  148.916 ms pos3 (208.184.231.73)  160.417 ms
 9  ae (4.68.97.161)  146.602 ms  146.017 ms so (208.185.156.2)  88.730 ms
10  as (64.159.3.254)  151.224 ms so (64.125.27.165)  159.094 ms  159.301 ms
11  ge (4.68.121.5)  153.185 ms so (64.125.28.130)  159.631 ms ge (4.68.121.165)  152.762 ms
12  4.79.228.26 (4.79.228.26)  153.853 ms so (64.125.28.14)  159.144 ms 4.79.228.26 (4.79.228.26)  152.474 ms
13  216.200.151.110.available.above.net (216.200.151.110)  160.046 ms  159.454 ms 64.233.174.126 (64.233.174.126)  155.734 ms
14  216.239.46.246 (216.239.46.246)  161.292 ms 216.239.48.90 (216.239.48.90)  153.045 ms  153.358 ms
15  64.233.174.121 (64.233.174.121)  159.740 ms 216.239.47.46 (216.239.47.46)  156.530 ms 64.233.174.121 (64.233.174.121)  383.271 ms
16  216.239.47.58 (216.239.47.58)  162.215 ms *  161.987 ms
17  * * *
18  * * *
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *

OK try this

ramez.hanna's picture

today i had a similar problem so here it goes, i was able to ping, traceroute and everything but unable to do any browsing even through elinks.
so i opened ethereal and then tried to access any webpage and then i stped the sniffer and examined the packet and found out that the packets are going to 1.0.0.0 so this is starnge, the pings go to the right destination but http requests go to a strange IP so i just changed the /etc/resolve.conf to nameserver 194.79.96.9 instead of the router's IP and it worked. so check it out like i did and tell me


the best things in life are free --- so as myself

Thank you ramez

Thank you ramez, i change my router ip with 194.79.96.9 in /etc/resolve.conf and it is working now.
ramez my problem is fixed now but if you have a time please explain this error for me.
I change my router before this problem which was in Linux machine only!!!.
Why this problem happened?
Why 194.79.96.9 changed to my router ip?
What is ethereal?
How did you examine the packets?
Thank you ramez if you have a time to explain or not, anyway my internet is on now.
Thanks

well i don't know exactly why

ramez.hanna's picture

well i don't know exactly why this happened ! but here is the xplanation
194.79.96.9 is a dns server on the internet, the router IP is not a dns server but it AFAIK caches the dns server of your ISP, so the case now is : i can ping, traceroute even resolve names but cannot browse, so i used etereal which is a packet sniffer ( when you open a webpage you are actually doing several things, first you are resolving the name into IP, then sending a request -syn- packet to which the server should aknowledge -ack- and then you aknowlede the acknowledgement of the server) so using the packet sniffer ethereal i can see all that, and i saw the syn packets going to 1.0.0.0 so this means that it does not know the real IP of the website, so this must be a DNS problem , so i just tried replacing the caching server of the router by a real dns server on the net in /etc/resolv.conf and it worked
but actually why it happened i still don't know


the best things in life are free --- so as myself

Another problem

sorry, the solution before solve one problem and get another one.
The Local server has a name "myserver", it was accessed by name before the previous problem but after the solution ( change DNS to 194.79.96.9) i can't access my server by name although i can access it by ip.
please help.

add it to /etc/hosts

Alaa's picture

one solution is to add a line in /etc/hosts that looks like this

xxx.xxx.xxx.xxx     myserver

where xxx.xxx.xxx.xxx is the server IP address.

cheers,
Alaa


http://www.manalaa.net "i`m feeling for the 2nd time like alice in wonderland reading el wafd"

it is running

OK, it is running but it means that i will write this for every PC in my network.!!!!! :(

la2 tab3an

Alaa's picture

I did not understand that you have a big network and stuff, you need to configure and run a DNS server within your network.

cheers,
Alaa


http://www.manalaa.net "i`m feeling for the 2nd time like alice in wonderland reading el wafd"

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.