Ping可正常使用但hping、Nmap无法连接任何网站的问题排查求助
2026-4-22
Ping可正常使用但hping、Nmap无法连接任何网站的问题排查求助
我刚第一次安装了hping和nmap工具,但这两个工具都连不上任何网站(包括google.com),不过系统自带的ping命令却能正常工作。
Ping命令正常输出
[heman@Main ~]$ ping google.com PING google.com(bom12s01-in-x0e.1e100.net (2404:6800:4009:810::200e)) 56 data bytes 64 bytes from bom12s01-in-x0e.1e100.net (2404:6800:4009:810::200e): icmp_seq=1 ttl=116 time=61.1 ms 64 bytes from bom12s01-in-x0e.1e100.net (2404:6800:4009:810::200e): icmp_seq=2 ttl=116 time=58.9 ms 64 bytes from bom12s01-in-x0e.1e100.net (2404:6800:4009:810::200e): icmp_seq=3 ttl=116 time=57.4 ms 64 bytes from bom12s01-in-x0e.1e100.net (2404:6800:4009:810::200e): icmp_seq=4 ttl=116 time=75.0 ms ^C --- google.com ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3005ms rtt min/avg/max/mdev = 57.449/63.118/ 75.012/6.987 ms
HPing命令错误输出
[heman@Main ~]$ sudo hping -I wlan0 google.com [sudo] password for heman: HPING google.com (wlan0 142.250.195.46): NO FLAGS are set, 40 headers + 0 data bytes ICMP Network Unreachable from ip=192.168.225.1 name=_gateway ICMP Network Unreachable from ip=192.168.225.1 name=_gateway ICMP Network Unreachable from ip=192.168.225.1 name=_gateway ^C --- google.com hping statistic --- 3 packets tramitted, 3 packets received, 0% packet loss round-trip min/avg/max = 0.0/0.0/0.0 ms
NMap初始扫描结果
[heman@Main ~]$ sudo nmap -sS google.com -e wlan0 Starting Nmap 7.94 ( https://nmap.org ) at 2023-07-17 14:57 IST Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn Nmap done: 1 IP address (0 hosts up) scanned in 3.23 seconds
我的ArchLinux默认iptables防火墙配置
[heman@Main /etc/iptables]$ cat /etc/iptables/simple_firewall.rules *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -p icmp -j ACCEPT -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -j REJECT --reject-with tcp-reset -A INPUT -p udp -j REJECT --reject-with icmp-port-unreachable -A INPUT -j REJECT --reject-with icmp-proto-unreachable COMMIT
我已经不知道该怎么进一步排查了,很多文章说用-Pn参数给nmap,但加上之后还是看不到任何开放端口:
[heman@Main /etc/iptables]$ sudo nmap -Pn google.com -e wlan0 [sudo] password for heman: Starting Nmap 7.94 ( https://nmap.org ) at 2023-07-17 15:03 IST Nmap scan report for google.com (142.250.76.46) Host is up (0.0037s latency). Other addresses for google.com (not scanned): 2404:6800:4007:814::200e rDNS record for 142.250.76.46: maa03s36-in-f14.1e100.net All 1000 scanned ports on google.com (142.250.76.46) are in ignored states. Not shown: 998 filtered tcp ports (no-response), 2 filtered tcp ports (net-unreach) Nmap done: 1 IP address (1 host up) scanned in 18.70 seconds
我希望能让hping正常执行ping操作,同时用nmap扫描到开放端口。另外我也测试了bing.com,情况完全一样:ping正常,但hping和nmap都返回相同的错误。
备注:内容来源于stack exchange,提问作者Heman Babu Ramlal
