One of my Ubuntu servers are behaving very strangely. I can SSH into it, and I can ping the server itself (on 127.0.0.1, localhost and its LAN IP 192.168.88.9). No other outgoing network traffic works. Pinging to it from another computer on LAN works fine.
ifconfig:
eno1 Link encap:Ethernet HWaddr 00:15:c5:ea:a3:75
inet addr:192.168.88.9 Bcast:192.168.88.255 Mask:255.255.255.0
inet6 addr: fe80::215:c5ff:feea:a375/64 Scope:Link
inet6 addr: fd63:9db9:9717:0:215:c5ff:feea:a375/64 Scope:Global
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:518989 errors:0 dropped:105240 overruns:0 frame:0
TX packets:116542 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:89804473 (89.8 MB) TX bytes:9939134 (9.9 MB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:408034 errors:0 dropped:0 overruns:0 frame:0
TX packets:408034 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:77728418 (77.7 MB) TX bytes:77728418 (77.7 MB)
/etc/network/interfaces:
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eno1
iface eno1 inet static
address 192.168.88.9
gateway 192.168.88.1
netmask 255.255.255.0
dns-nameservers 192.168.88.1
iptables -L:
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:isakmp
ACCEPT udp -- anywhere anywhere udp dpt:ipsec-nat-t
ACCEPT esp -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
UFW is off…
route -n:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.88.1 255.255.255.0 UG 0 0 0 eno1
192.168.88.0 0.0.0.0 255.255.255.0 U 0 0 0 eno1
Best Answer
Found it! There was a weird iptables rule i POSTROUTING, which is not shown by default by iptables -L.
iptables -t nat -v -L POSTROUTING -n --line-number
:I deleted it with
iptables -t nat -D POSTROUTING 1