Unix commands like ping, ssh, work fine but socket-based programs are failing in connect

StackOverflow https://stackoverflow.com/questions/96113

  •  01-07-2019
  •  | 
  •  

Question

I got a call from a tester about a machine that was failing our software. When I examined the problem machine, I quickly realized the problem was fairly low level: Inbound network traffic works fine. Basic outbound command like ping and ssh are working fine, but anything involving the connect() call is failing with "No route to host".

For example - on this particular machine this program will fail on the connect() statement for any IP address other than 127.0.0.1:

#!/usr/bin/perl -w
use strict;
use Socket;
my ($remote,$port, $iaddr, $paddr, $proto, $line);

$remote  = shift || 'localhost';
$port    = shift || 2345;  # random port
if ($port =~ /\D/) { $port = getservbyname($port, 'tcp') }
die "No port" unless $port;
$iaddr   = inet_aton($remote)           || die "no host: $remote";
$paddr   = sockaddr_in($port, $iaddr);

$proto   = getprotobyname('tcp');
socket(SOCK, PF_INET, SOCK_STREAM, $proto)      || die "socket: $!";
connect(SOCK, $paddr)    || die "connect: $!"; 
while (defined($line = <SOCK>)) {
    print $line;
}

close (SOCK)        || die "close: $!";
exit;

Any suggestions about where this machine is broken? It's running SUSE-10.2.

Was it helpful?

Solution

I would check firewall configuration on that machine. It is possible for iptables (I guess your SUSE has iptables firewall) to be setup to let trough only ping ICMP packets.

OTHER TIPS

Is the firewall turned off?

Firewall is always possible, but it does say that ssh can connect, so that seems unlikely. I'd say have a look at the routes ("route" command on Linux), and make sure you don't have like two default routes, or weird ones or whatever. All in all I'd say test ping and ssh and your program on the same distant IP, and if they all fail, you have a route problem. If only your program fails, you probably have either a firewall problem or program problem :)

Try pointing connect() to the same host:port where your SSH command works. Also, keep in mind that some firewalls can apply different rules for different user accounts (and sometimes for different executables). Therefore, make sure you run ssh and your test app under the same user account and that SUID isn't set for SSH.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top