LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   apache domain problem zoneedit (https://www.linuxquestions.org/questions/linux-networking-3/apache-domain-problem-zoneedit-45999/)

case1984 02-18-2003 11:46 AM
apache domain problem zoneedit
 
OK, I'm a complete newbie trying to set up a webserver on my Red Hat 8.0 machine (running Apache). My ISP (Cox Cable) blocks port 80 I believe. No one could give me a definite answer, so I set Zoneedit up to redirect to port 8080 just to be safe. Now I can get to my website on my windows machine on the same network, but other people can't access it over the internet.

Apache must be running correctly, because the website looks fine on my XP machine (on the same network, behind the same router). To further confuse me, when I type in case1984.com, it changes to http://ww2.case1984.com:8080 .
That's exactly how I set up Zone edit to forward it, so I'm guessing the xp machine is looking for case1984.com, finding it on zoneedit's DNS machines, and being redirected to http://ww2.case1984.com:8080 . This is exactly what I want to happen, but why is it only happening for my computer on the same network, and not for anything else?

If anyone could suggest a tool or a way for me to figure out what is wrong, it would be greatly appreciated. Thanks in advance.

SlickWilly 02-18-2003 02:02 PM
Ho hum... I warned you in your last post that this was going to get complicated :P

Your resolution is happening fine. If I attempt a connect to http://case1984.com I (correctly you say) get redirected to :

http://ww2.case1984.com:8080/

However, I get no response from that machine.

You *do* have apache running on port 8080, yes?

When you say you can get to your website on your local machine, it *is* going to port 8080?

Slick.

case1984 02-18-2003 07:30 PM
Quote:
Originally posted by SlickWilly
You *do* have apache running on port 8080, yes?
When you say you can get to your website on your local machine, it *is* going to port 8080?
This might be a stupid question, but if the URL ends in :8080, doesn't that mean its going to port 8080?
If it doesn't, how can I tell what port I've connected thru?
Also, I used Red Hat's Apache configuration tool to configure it. Maybe I'll just manually configure it when I get home from work.
Also, a member of my local LUG is going to use nmap tonight and tell me what ports are open. Is there anything else anyone might suggest?
Thanks

SlickWilly 02-18-2003 10:11 PM
Not a stupid question no, good question. But remember that you're inside and I'm outside.

What I see from outside is that your dns resolves to something with 8080 on the end. Your web server isnt replying to that query.

So.. from this end, it looks like your web server isn't running, or isn't running on that port - even though that's where it's resolving to.

Now... It *sounds* like you've got it right. If it's resolving to the same url for you internally, and you're getting a reply, internally on that port number then it's good. But, I'm trying to rule out the scenario where you have a dns resolving to something correct (8080) but internally you're actually hitting a port 80 address. Which is frequently the case, when setups like this occur.

There's an easy way to tell :

netstat -a

You should see something like this :

tcp 0 0 *:8080 *:* LISTEN -

You can also look in your /etc/httpd/conf/httpd.conf and look for a lines like this :

# Port: The port to which the standalone server listens. For
# ports < 1023, you will need httpd to be run as root initially.
#
Port 80

where port should be 8080.

You might also have iptables set up to deny stuff by default (look at the INPUT policy) and aren't allowing port 8080 through it. That would also cause the symptoms seen above.

If that's the case you'll want to open up the port with something like this in your iptables rule-list.

iptables -A INPUT -i eth0 -dport 8080 -j ACCEPT

Where eth0 is your external interface.

Let us know how it turns out.

Slick.

case1984 02-19-2003 01:24 PM
follow-up w/ new iptables error
 
ok,
I tried to open port 8080 manually in a terminal with the line slick gave me and this one:
iptables -I INPUT -j ACCEPT --dport 8080 -p tcp
and a few more that were basically the same thing with minor variances in syntax that I found using google.
They all gave me the same error:
"bad argumant 8080"
I also tried to do it to port 80, and got the same error.
I did go into apacheconfig and made sure apache was set to listen to all addresses on port 8080.
I am sure I'm just making some stupid newbie mistake, and I'm sure this is what I need to do, but it's not working.

Also, I did a "service iptables restart" just to make sure it was running, and didn't get any error messages. Ipchains doesn't seem to be running.

The httpd.conf file did have a line saying "port 8080," and did not have one saying "80," so I'm assuming that's cool.

The nmap of my ip returned that both 8080 and 80 were filtered.
Here is the output:
7/tcp open echo
13/tcp open daytime
19/tcp open chargen
21/tcp filtered ftp
22/tcp open ssh
25/tcp filtered smtp
80/tcp filtered http
111/tcp filtered sunrpc
119/tcp filtered nntp
135/tcp filtered loc-srv
136/tcp filtered profile
137/tcp filtered netbios-ns
138/tcp filtered netbios-dgm
139/tcp filtered netbios-ssn
199/tcp open smux
443/tcp open https
445/tcp filtered microsoft-ds
548/tcp filtered afpovertcp
873/tcp open rsync
1080/tcp filtered socks
1433/tcp filtered ms-sql-s
1434/tcp filtered ms-sql-m
2049/tcp filtered nfs
3128/tcp filtered squid-http
6000/tcp open X11
6588/tcp filtered analogx
8080/tcp filtered http-proxy
27374/tcp filtered subseven

Sorry about the long post, but I wanted to give anyone that was going to try and help too much info rather than too little.

If anyone could suggest anything else for me to try and figure out what is going on I would appreciate it.

thanks in advance


All times are GMT -5. The time now is 05:07 PM.