|
Can't see Apache test page
I just installed Fedora 5 and plan to use it to run an Apache web server in my home. After the install was done I started Apache and opened a browser page. I typed http://192.168.2.106 and saw the default test page so I figured everything was setup OK. I tried doing the same from another computer on my lan but got a page not found. I also tried it from outside the lan by typing www.compunerdsdev.com and http://compunerdsdev.com, but got the same result. I checked the settings in ZoneEdit and the web server should be live, and I have port 80 forwarded in my router. I also found out that my ISP doesn't block port 80. I was able to ping the server from my XP pro computer. I even set SElinux to permit and still nothing. Any suggestions would be much appreciated.
|
Hello frankd99,
Most probably your firewall in the Webserver is setup so as to deny any connections from outside the local machine. Please check if you have any rules in your IPTABLES or TCP Wrappers (/etc/host.deny & /etc/host.allow). Also it would be much appreciated if you could paste your 'iptables -L' output. Think we can solve it... Thanks.. |
Can't see Apache test page
Thanks for the quick reply. Here is the contents of my iptables. The /etc/host.allow and deny files contained no additional information except for comments.
[root@localhost ~]# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination RH-Firewall-1-INPUT all -- anywhere anywhere Chain FORWARD (policy ACCEPT) target prot opt source destination RH-Firewall-1-INPUT all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain RH-Firewall-1-INPUT (2 references) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT icmp -- anywhere anywhere icmp any ACCEPT ipv6-crypt-- anywhere anywhere ACCEPT ipv6-auth-- anywhere anywhere ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns ACCEPT udp -- anywhere anywhere udp dpt:ipp ACCEPT tcp -- anywhere anywhere tcp dpt:ipp ACCEPT all -- anywhere anywhere state RELATED,ESTAB LISHED ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:f tp ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:s mtp ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:s sh ACCEPT udp -- anywhere anywhere state NEW udp dpt:n etbios-ns ACCEPT udp -- anywhere anywhere state NEW udp dpt:n etbios-dgm ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:n etbios-ssn ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:m icrosoft-ds ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:h ttps ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:t elnet ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:5 900 REJECT all -- anywhere anywhere reject-with icmp-ho st-prohibited [root@localhost ~]# Hope this helps. |
As you can se from the list, HTTP port is not open. So firewall blocks it.
|
What about
ACCEPT all -- anywhere anywhere ? Looks to me like the firewall is totally open |
Just try
/sbin/iptables -I RH-Firewall-1-INPUT -p tcp --dport 80 -j ACCEPT and it should do it. As for why ACCEPT all -- anywhere anywhere in the first line does not work. I am not sure. But it seems that the last line of reject all did his work. I tried google for a while but did not find any good explaination. Maybe, someone else can share his knowledge here. According to documentation of iptables, the rule are parsed one by one in the order of the rule set. If there were a match like ACCEPT, it is accpet and terminated. Clearly, this does not happen here. |
Can't see Apache test page
Thanks everyone for the expert advise. I stopped the iptaples and everything worked OK. After adding port 80 to iptables I can now open the test page with http://192.168.106.
Thanks again for all the help |
Can see the test page from both of the links you gave above as well.
|
| All times are GMT -5. The time now is 09:17 PM. |