You're correct.  It all looks fine.  Someone sent a message about
getting an icmp message when they tried to connect to your machine.
Perhaps that is the missing clue.  Perhaps your ISP  could explain this
phenomenon.
-Brian

On Aug 4,  1:27pm, Eric Fox wrote:
} Subject: Re: Timeout on port 80
} 
} On 04-Aug-98 Brian Buhrow wrote:
} >       It occurrs to me that you realy need to establish whether or not the
} > problem is that traffic is not getting in or out.  My guess is that the
} > packets coming from the client to your server are getting in, but that your
} > responses are not going out the right hole.  Is it possible that your httpd
} > is sending data with a source address that doesn't match the target address
} > you're trying to reach?  That is, if the IP address of the inaccessible
} > port is 3.4.5.6 and you telnet to 3.4.5.6:80, are you sure that the machine
} > isn't responding with a source address of 7.8.9.10?  If it is, it could be
} > that your provider is blocking source addresses that it thinks shouldn't be
} > coming from certain places in an attempt to keep people from performing IP
} > spoofing attacks against its customers.  I'm particularly struck by this
} > because you have an interface of ppp0, which doesn't worrk, and an
} > interface of ne0, which does.  What does the output of netstat -an show?
} > In particular, compare the things listening through inetd: ftp, telnet,
} > rsh, etc. with what's listening on port 80.  Everything should be wild
} > carded.  If it's not, then this might point at your problem.
} > -Brian
} > 
} 
} Here are the listening ports of 'netstat -an':
} 
}   tcp        0      0  *.863                  *.*                    LISTEN
}   tcp        0      0  *.6000                 *.*                    LISTEN
}   tcp        0      0  *.80                   *.*                    LISTEN
}   tcp        0      0  *.1025                 *.*                    LISTEN
}   tcp        0      0  *.37                   *.*                    LISTEN
}   tcp        0      0  *.13                   *.*                    LISTEN
}   tcp        0      0  *.113                  *.*                    LISTEN
}   tcp        0      0  *.79                   *.*                    LISTEN
}   tcp        0      0  *.512                  *.*                    LISTEN
}   tcp        0      0  *.513                  *.*                    LISTEN
}   tcp        0      0  *.514                  *.*                    LISTEN
}   tcp        0      0  *.23                   *.*                    LISTEN
}   tcp        0      0  *.21                   *.*                    LISTEN
}   tcp        0      0  *.25                   *.*                    LISTEN
}   tcp        0      0  *.515                  *.*                    LISTEN
}   tcp        0      0  *.2049                 *.*                    LISTEN
}   tcp        0      0  *.111                  *.*                    LISTEN
}   tcp        0      0  *.53                   *.*                    LISTEN
} 
} Port 80 appears to be the same as all the others.  I don't belive my provider
} is performing the type of blocking you describe above, because it would, I
} belive, affect connections to any of the above ports and telnets, mail, and
} such are working fine from the outside.
} 
}   /\---/\  Eric J Fox
}  /  o o  \ mailto:eric@fox.phoenix.az.us
}  \.\   /./ http://fox.phoenix.az.us
}     \@/ 
} 
>-- End of excerpt from Eric Fox