LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 10-18-2006, 05:30 AM   #1
keithdj
LQ Newbie
 
Registered: Aug 2005
Location: New Zealand
Distribution: Fedora 4.0
Posts: 27

Rep: Reputation: 15
Connection refused on port 81 trying to get to a CGI Script


Ok here goes

Fedora 4 running on an old pentium 2. Using Squid ver 2.5 and Dansguardian 2.8.??.

I recently found a mod for dansguardian that enabled the dansguardian bypass feature. This involves presenting page with a password entry box, and then calling for a file called passwords.cgi. The script as supplied calls for this file on port 81, ie http//:192.168.0.110:81/cgi-bin/passwords.cgi . When I try this I get connection refused. I have tried redirecting port 81 to port 8080, I've tried modifying the script to use port 80, but neither worked.

I have used nmap and it does not show the port open or closed. I have edited the squid.conf to allow port 81. I restarted squid after that change (I even rebooted to be on the safe side)



Q1 Do .cgi pages have to be called via port 81?

Q2 If port 81 has to be used, what do I have to do to open it.

Last edited by keithdj; 10-18-2006 at 05:32 AM.
 
Old 10-18-2006, 05:40 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984
port 81 is used as that will be dans (i assume) running a tiny http server on the box in isolation to any exisitng apache service etc... if you have nothing on port 80 already you can probably change the dans config to use port 80 instead, or if you do have apache running you can use a proxy command within apache to internally connect a presented path in apache to redirect to another port, so the end user never hits port 81.

this generally sounds a lot like you simply have a firewall running. add port 81 to the allowed ports list and try again.
 
Old 10-18-2006, 05:49 AM   #3
keithdj
LQ Newbie
 
Registered: Aug 2005
Location: New Zealand
Distribution: Fedora 4.0
Posts: 27

Original Poster
Rep: Reputation: 15
You've lost me a little bit there

I do have apache runnig but not doing anything at present (I don't think so). The only fiewall is iptables, it have very few rules, a few to drop my kids laptop IP addresses after bedtime and two, that redirect ports 3128 and 80 to port 8080 which is what dansgaurdian is listening on.

Do i need to send iptables a command to open the port, I thought dansguardian should have probably opened the port ???

Unfortunately the forum I found the patch in appears to have gone dead as my posts there have gone un-answered for several days.
 
Old 10-18-2006, 05:53 AM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984Reputation: 1984
when people aren't familiar with networking there is a lot of confusion about "opening" ports and such. ports are technically "open" if an application is connected to that port and listening for incoming connections. the firewall sits infront of the application though, so if the firewall is only allowing 80 traffic through the app listening on port 81 will never see any action. the app itself should have absolutely no control whatsoever on the firewall. the idea that any server can change what ports are open on a firewall should make you feel queasy...

if you're not doing anything on apache, why is it running?? stop it! then tell dans to listen on port 80 is that's really really what you want.
 
Old 10-18-2006, 06:11 AM   #5
keithdj
LQ Newbie
 
Registered: Aug 2005
Location: New Zealand
Distribution: Fedora 4.0
Posts: 27

Original Poster
Rep: Reputation: 15
Ok, did all that,

1. shut down apache, and made sure it wouldn't load next reboot
2. changed dansguardian to use port 80
3. Deleted the iptables rule for port 80 to be redirected to 8080
4. Took out the :81 from the link in the html code

tested basic internet service / filtering and works fine, BUT

when I get a banned page, enter my password it still cannot load the passwords.cgi file, now it trying to find just /cgi-bin.passwords.cgi

However your suggestions have still left me with a tidier configuration so we are heading in the right direction.

Any more ideas ?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
port 25 connection refused even from localhost?? Ed1952 Red Hat 2 11-15-2005 08:24 AM
Connection refused error for port 25 jgnasser Linux - Networking 3 08-25-2004 07:09 AM
SSH port...Connection....refused?? Miyamoto Mandriva 6 08-26-2003 04:03 PM
port 22: connection refused lkalman Linux - Networking 13 06-17-2003 07:55 PM
Connection Refused on port 9240 Rustiy Linux - Networking 2 04-22-2003 09:48 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 10:57 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration