Originally Posted by
The Cog
OK, this should cut down the amount of output when you trace:
Code:
sudo tcpdump -nnt -i enp1s0 icmp or arp
While this trace is running, try to ping both 192.168.0.1 and 192.168.0.87 in another terminal window.
The run
ip neighbor again - I would really hope to see entries for those ping targets.
Are you running a firewall in the PC?
will show any rules currently active.
At this point in one terminal :
sudo tcpdump -nnt -i enp1s0 icmp or arp
is running, and in 2nd terminal :
Code:
girish@girish-OptiPlex-3050:~$ ip neighbor
192.168.0.87 dev enp1s0 lladdr 74:27:ea:07:b5:57 STALE
192.168.0.1 dev enp1s0 FAILED
192.168.43.1 dev wlx00c3f213fca7 lladdr a8:9c:ed:bc:57:80 DELAY
192.168.0.90 dev enp1s0 lladdr 00:11:d8:ba:c3:6a STALE
fe80::aa9c:edff:febc:5780 dev wlx00c3f213fca7 lladdr a8:9c:ed:bc:57:80 router STALE
fe80::1ea5:32ff:fe78:8238 dev enp1s0 lladdr 1c:a5:32:78:82:38 router STALE
girish@girish-OptiPlex-3050:~$ sudo iptables -nvL
Chain INPUT (policy DROP 46 packets, 1420 bytes)
pkts bytes target prot opt in out source destination
3958 1457K ufw-before-logging-input all -- * * 0.0.0.0/0 0.0.0.0/0
3958 1457K ufw-before-input all -- * * 0.0.0.0/0 0.0.0.0/0
1367 199K ufw-after-input all -- * * 0.0.0.0/0 0.0.0.0/0
46 1420 ufw-after-logging-input all -- * * 0.0.0.0/0 0.0.0.0/0
46 1420 ufw-reject-input all -- * * 0.0.0.0/0 0.0.0.0/0
46 1420 ufw-track-input all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ufw-before-logging-forward all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ufw-before-forward all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ufw-after-forward all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ufw-after-logging-forward all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ufw-reject-forward all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ufw-track-forward all -- * * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 157 packets, 12704 bytes)
pkts bytes target prot opt in out source destination
3091 304K ufw-before-logging-output all -- * * 0.0.0.0/0 0.0.0.0/0
3091 304K ufw-before-output all -- * * 0.0.0.0/0 0.0.0.0/0
790 60931 ufw-after-output all -- * * 0.0.0.0/0 0.0.0.0/0
790 60931 ufw-after-logging-output all -- * * 0.0.0.0/0 0.0.0.0/0
790 60931 ufw-reject-output all -- * * 0.0.0.0/0 0.0.0.0/0
790 60931 ufw-track-output all -- * * 0.0.0.0/0 0.0.0.0/0
Chain ufw-after-forward (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-after-input (1 references)
pkts bytes target prot opt in out source destination
1057 83022 ufw-skip-to-policy-input udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:137
32 7025 ufw-skip-to-policy-input udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:138
0 0 ufw-skip-to-policy-input tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:139
5 240 ufw-skip-to-policy-input tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:445
215 106K ufw-skip-to-policy-input udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:67
0 0 ufw-skip-to-policy-input udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:68
12 716 ufw-skip-to-policy-input all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST
Chain ufw-after-logging-forward (1 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
Chain ufw-after-logging-input (1 references)
pkts bytes target prot opt in out source destination
39 1200 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
Chain ufw-after-logging-output (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-after-output (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-before-forward (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 3
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 4
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 11
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 12
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8
0 0 ufw-user-forward all -- * * 0.0.0.0/0 0.0.0.0/0
Chain ufw-before-input (1 references)
pkts bytes target prot opt in out source destination
638 55467 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
1815 1182K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 ufw-logging-deny all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 3
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 4
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 11
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 12
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68
1505 219K ufw-not-local all -- * * 0.0.0.0/0 0.0.0.0/0
138 20866 ACCEPT udp -- * * 0.0.0.0/0 224.0.0.251 udp dpt:5353
0 0 ACCEPT udp -- * * 0.0.0.0/0 239.255.255.250 udp dpt:1900
1367 199K ufw-user-input all -- * * 0.0.0.0/0 0.0.0.0/0
Chain ufw-before-logging-forward (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-before-logging-input (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-before-logging-output (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-before-output (1 references)
pkts bytes target prot opt in out source destination
638 55467 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
1663 188K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
790 60931 ufw-user-output all -- * * 0.0.0.0/0 0.0.0.0/0
Chain ufw-logging-allow (0 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW ALLOW] "
Chain ufw-logging-deny (2 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID limit: avg 3/min burst 10
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
Chain ufw-not-local (1 references)
pkts bytes target prot opt in out source destination
5 240 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
184 22286 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type MULTICAST
1316 197K RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST
0 0 ufw-logging-deny all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain ufw-reject-forward (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-reject-input (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-reject-output (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-skip-to-policy-forward (0 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain ufw-skip-to-policy-input (7 references)
pkts bytes target prot opt in out source destination
1321 197K DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain ufw-skip-to-policy-output (0 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain ufw-track-forward (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-track-input (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-track-output (1 references)
pkts bytes target prot opt in out source destination
77 4620 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW
556 43607 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW
Chain ufw-user-forward (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-user-input (1 references)
pkts bytes target prot opt in out source destination
Chain ufw-user-limit (0 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 0 level 4 prefix "[UFW LIMIT BLOCK] "
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain ufw-user-limit-accept (0 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain ufw-user-logging-forward (0 references)
pkts bytes target prot opt in out source destination
Chain ufw-user-logging-input (0 references)
pkts bytes target prot opt in out source destination
Chain ufw-user-logging-output (0 references)
pkts bytes target prot opt in out source destination
Chain ufw-user-output (1 references)
pkts bytes target prot opt in out source destination
girish@girish-OptiPlex-3050:~$
I stopped the running command in 1st terminal by pressing Ctrl+C and copy paste the output in one document, searched 192.168.0.87 and found 37 (Search counter is saying) entries like this :
Code:
ARP, Request who-has 192.168.0.108 tell 192.168.0.103, length 46
ARP, Request who-has 192.168.0.83 tell 192.168.0.90, length 46
ARP, Request who-has 192.168.0.91 tell 192.168.0.87, length 46
ARP, Request who-has 192.168.0.91 tell 192.168.0.91, length 46
After few more lines ....
ARP, Request who-has 192.168.1.98 tell 192.168.1.91, length 46
ARP, Request who-has 192.168.0.100 tell 192.168.0.90, length 46
IP 192.168.0.86 > 192.168.0.87: ICMP echo request, id 3471, seq 1, length 64
ARP, Request who-has 192.168.1.110 tell 192.168.1.92, length 46
ARP, Request who-has 192.168.1.99 tell 192.168.1.91, length 46
IP 192.168.0.86 > 192.168.0.87: ICMP echo request, id 3471, seq 2, length 64
IP 192.168.0.86 > 192.168.0.87: ICMP echo request, id 3471, seq 3, length 64
ARP, Request who-has 192.168.0.77 tell 192.168.0.87, length 46
ARP, Request who-has 192.168.0.116 tell 10.20.100.90, length 46
ARP, Request who-has 192.168.0.100 tell 192.168.0.90, length 46
IP 192.168.0.86 > 192.168.0.87: ICMP echo request, id 3471, seq 4, length 64
ARP, Request who-has 192.168.0.116 tell 10.20.100.90, length 46
ARP, Request who-has 192.168.0.110 tell 192.168.0.92, length 46
ARP, Request who-has 192.168.0.101 tell 192.168.0.90, length 46
IP 192.168.0.86 > 192.168.0.87: ICMP echo request, id 3471, seq 5, length 64
I am really thankful to you for your continue support.
Bookmarks