Why does "curl" command work normally while "ping" not?
18,617
You could test if ICMP is blocked with the following perl program:
ping.pl (Edited to print port)
#!/usr/bin/env perl
use strict;
use warnings;
use Net::Ping;
my @hosts = @ARGV;
die "usage: sudo perl ping.pl host\n" unless @ARGV;
my $timeout = 5;
my @proto = ("tcp", "udp", "icmp","syn");
foreach my $pro ( @proto ) {
my $p = Net::Ping->new($pro);
# default port
my $port = 7;
$p->port_number($port);
# tcp on https port
if ( $pro eq "tcp"){
$port = 443;
$p->port_number($port);
}
print "\nProtocol $pro port $port\n";
foreach my $host( @hosts ) {
if ($p->ping($host, $timeout)){
print "$host is reachable\n";
}
else{
print "$host is NOT reachable\n";
}
}
$p->close();
sleep(2);
}
exit;
#$ sudo perl ping.pl google.com
Protocol tcp port 443
google.com is reachable
Protocol udp port 7
google.com is NOT reachable
Protocol icmp port 7
google.com is reachable
Protocol syn port 7
google.com is reachable
ping and curl output (videotron network)
#$ ping -c 4 google.com
PING google.com (24.200.237.84) 56(84) bytes of data.
64 bytes from google-084.237.cache.videotron.ca (24.200.237.84): icmp_seq=1 ttl=61 time=7.14 ms
64 bytes from google-084.237.cache.videotron.ca (24.200.237.84): icmp_seq=2 ttl=61 time=10.1 ms
64 bytes from google-084.237.cache.videotron.ca (24.200.237.84): icmp_seq=3 ttl=61 time=6.86 ms
64 bytes from google-084.237.cache.videotron.ca (24.200.237.84): icmp_seq=4 ttl=61 time=8.86 ms
--- google.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 6.866/8.243/10.102/1.320 ms
#$ curl google.com
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://www.google.ca/?gfe_rd=cr&ei=ArVmVbiOLajd8gfKq4DoCQ">here</A>.
</BODY></HTML>
Related videos on Youtube
Author by
Nan Xiao
Updated on September 18, 2022Comments
-
Nan Xiao over 1 year
I find a strange phenomenon in my corporate network:
I can executecurl google.com
command successfully:[root@localhost ~]# curl google.com <HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8"> <TITLE>301 Moved</TITLE></HEAD><BODY> <H1>301 Moved</H1> The document has moved <A HREF="http://www.google.com/">here</A>. </BODY></HTML>
But execute
ping google.com
failed:[root@localhost ~]# ping google.com PING google.com (173.194.33.174) 56(84) bytes of data. ^C --- google.com ping statistics --- 1569 packets transmitted, 0 received, 100% packet loss, time 1568463ms
I suspect the sysadmin has done something, but not sure. Could anyone give some clues how to debug this issue? For example, does the sysadmin set some rules which can filter
ping
command? How can I verify it?-
Karan almost 9 yearsICMP blocked by corporate firewall most likely. Can you successfully ping any site?
-
Nan Xiao almost 9 years@Karan: No. Can't ping any foreign sites successfully. How can verify this?
-
Karan almost 9 yearsI'm not sure at your end how you can confirm this since the firewall config will surely be inaccessible to you, but it is the most likely cause.
-
-
Karan almost 9 yearsSo if host is not reachable for any reason that necessarily means ICMP is blocked at your end?
-
Nan Xiao almost 9 years@David L.: After executing the script, it outputs:"` [root@mawent3 ~]# ./ping.pl google.com Protocol tcp google.com is NOT reachable Protocol udp google.com is NOT reachable Protocol icmp google.com is NOT reachable Protocol syn google.com is reachable`", what does it can prove?
-
David L. almost 9 years@Nan Xiao as it was suggested in the comments to your question, ICMP is probably blocked by corporate firewall
-
Nan Xiao almost 9 years@DavidL: Why
curl
can success? It seems bothtcp
andudp
are blocked too.