LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (http://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Can't see Apache test page (http://www.linuxquestions.org/questions/linux-networking-3/cant-see-apache-test-page-468253/)

frankd99 07-27-2006 10:37 AM

Can't see Apache test page
 
I just installed Fedora 5 and plan to use it to run an Apache web server in my home. After the install was done I started Apache and opened a browser page. I typed http://192.168.2.106 and saw the default test page so I figured everything was setup OK. I tried doing the same from another computer on my lan but got a page not found. I also tried it from outside the lan by typing www.compunerdsdev.com and http://compunerdsdev.com, but got the same result. I checked the settings in ZoneEdit and the web server should be live, and I have port 80 forwarded in my router. I also found out that my ISP doesn't block port 80. I was able to ping the server from my XP pro computer. I even set SElinux to permit and still nothing. Any suggestions would be much appreciated.

vimal 07-27-2006 11:09 AM

Hello frankd99,

Most probably your firewall in the Webserver is setup so as to deny any connections from outside the local machine. Please check if you have any rules in your IPTABLES or TCP Wrappers (/etc/host.deny & /etc/host.allow).
Also it would be much appreciated if you could paste your 'iptables -L' output. Think we can solve it...

Thanks..

frankd99 07-27-2006 12:57 PM

Can't see Apache test page
 
Thanks for the quick reply. Here is the contents of my iptables. The /etc/host.allow and deny files contained no additional information except for comments.

[root@localhost ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere

Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp any
ACCEPT ipv6-crypt-- anywhere anywhere
ACCEPT ipv6-auth-- anywhere anywhere
ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns
ACCEPT udp -- anywhere anywhere udp dpt:ipp
ACCEPT tcp -- anywhere anywhere tcp dpt:ipp
ACCEPT all -- anywhere anywhere state RELATED,ESTAB LISHED
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:f tp
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:s mtp
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:s sh
ACCEPT udp -- anywhere anywhere state NEW udp dpt:n etbios-ns
ACCEPT udp -- anywhere anywhere state NEW udp dpt:n etbios-dgm
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:n etbios-ssn
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:m icrosoft-ds
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:h ttps
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:t elnet
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:5 900
REJECT all -- anywhere anywhere reject-with icmp-ho st-prohibited
[root@localhost ~]#

Hope this helps.

fedora4002 07-27-2006 03:20 PM

As you can se from the list, HTTP port is not open. So firewall blocks it.

billymayday 07-27-2006 03:30 PM

What about

ACCEPT all -- anywhere anywhere

?

Looks to me like the firewall is totally open

fedora4002 07-27-2006 04:55 PM

Just try
/sbin/iptables -I RH-Firewall-1-INPUT -p tcp --dport 80 -j ACCEPT

and it should do it.
As for why ACCEPT all -- anywhere anywhere in the first line does not work. I am not sure. But it seems that the last line of reject all did his work. I tried google for a while but did not find any good explaination. Maybe, someone else can share his knowledge here.

According to documentation of iptables, the rule are parsed one by one in the order of the rule set. If there were a match like ACCEPT, it is accpet and terminated. Clearly, this does not happen here.

frankd99 07-27-2006 07:02 PM

Can't see Apache test page
 
Thanks everyone for the expert advise. I stopped the iptaples and everything worked OK. After adding port 80 to iptables I can now open the test page with http://192.168.106.

Thanks again for all the help

billymayday 07-27-2006 07:06 PM

Can see the test page from both of the links you gave above as well.


All times are GMT -5. The time now is 11:29 AM.