LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 12-06-2003, 06:57 PM   #1
siphi
Member
 
Registered: Oct 2003
Location: Ireland
Distribution: Ubuntu Breezy, Kubuntu Breezy
Posts: 78

Rep: Reputation: 15
apache 2.0 RH9


Hi I'm hosting my own little webserver for transfering files to friends online and i'm after running into a problem. I can view my website from this machine by going to http://localhost/ but my friend can't acess the page from his box with http://myip/

What could be wrong?

Thanks
 
Old 12-07-2003, 07:55 AM   #2
siphi
Member
 
Registered: Oct 2003
Location: Ireland
Distribution: Ubuntu Breezy, Kubuntu Breezy
Posts: 78

Original Poster
Rep: Reputation: 15
anyone?
 
Old 12-07-2003, 07:57 AM   #3
druuna
LQ Veteran
 
Registered: Sep 2003
Posts: 10,532
Blog Entries: 7

Rep: Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387
The reason for this happening can have more then one cause.

1) Take a look at the Listen and ServerName directives in your httpd.conf. Are these correct?
2) Is your firewall blocking incomming (http/80, https/443) connections?

Just 2 reasons that come to mind.
 
Old 12-07-2003, 08:19 AM   #4
siphi
Member
 
Registered: Oct 2003
Location: Ireland
Distribution: Ubuntu Breezy, Kubuntu Breezy
Posts: 78

Original Poster
Rep: Reputation: 15
Ok I've checked the Listen and ServerName Settings and they are ok.
HOw do i check the firewall?
 
Old 12-07-2003, 08:31 AM   #5
druuna
LQ Veteran
 
Registered: Sep 2003
Posts: 10,532
Blog Entries: 7

Rep: Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387
I don't know if (and if so which) firewall you are using.

iptables (and the 'older' ipchains) are the one's used most frequently. If you are using one of these try something like:

$ iptables -L -n | grep dpt

There will be entries starting with ACCEPT and DENY (maybe even LOG). A combo of DENY, 0.0.0.0/0 your IP (outside, not the 192.168.x.y one) and dpt:80 tells you that http acces is not allowed.

But it also depends on the way iptables was set up. So your output might not hold the info you are looking for.
 
Old 12-07-2003, 08:34 AM   #6
siphi
Member
 
Registered: Oct 2003
Location: Ireland
Distribution: Ubuntu Breezy, Kubuntu Breezy
Posts: 78

Original Poster
Rep: Reputation: 15
ACCEPT udp -- 66.187.233.4 0.0.0.0/0 udp spt:123 dpt:123
ACCEPT udp -- 66.187.233.4 0.0.0.0/0 udp spt:123 dpt:123
ACCEPT udp -- 193.193.165.21 0.0.0.0/0 udp spt:53 dpts:1025:65535
ACCEPT udp -- 193.193.165.20 0.0.0.0/0 udp spt:53 dpts:1025:65535
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spts:67:68 dpts:67:68
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spts:67:68 dpts:67:68
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:0:1023 flags:0x16/0x02 reject-with icmp-port-unreachable
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:2049 flags:0x16/0x02 reject-with icmp-port-unreachable
REJECT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:0:1023 reject-with icmp-port-unreachable
REJECT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:2049 reject-with icmp-port-unreachable
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:6000:6009 flags:0x16/0x02 reject-with icmp-port-unreachable
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:7100 flags:0x16/0x02 reject-with icmp-port-unreachable



this is what came up. No sign of port 80 being blocked is there?

Edit: My iptables was set up when i installed redhat9 and im not sure what way it was done.

Last edited by siphi; 12-07-2003 at 08:37 AM.
 
Old 12-07-2003, 08:46 AM   #7
druuna
LQ Veteran
 
Registered: Sep 2003
Posts: 10,532
Blog Entries: 7

Rep: Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387
Nope, no port 80, which tells you that it is blocked

The normal way of setting up iptables is to 'block everything unless stated different'. You do not have a rule that allows incomming traffic on port 80, so it is blocked.

Your next question might be "How do I add this rule?"

There are many ways to set up an iptables firewall, so the following might not work for you:

iptables -A INPUT -p tcp -i ppp0 -d 1.2.3.4 --dport http -m state --state NEW -j ACCEPT

1.2.3.4 being the IP address that you ISP gave you.

If you enter this from the commandline, the rule will be lost after the next reboot. Find the script/config file that is used by iptables on startup and add it there after you confirmed this will work for you.
 
Old 12-07-2003, 08:54 AM   #8
siphi
Member
 
Registered: Oct 2003
Location: Ireland
Distribution: Ubuntu Breezy, Kubuntu Breezy
Posts: 78

Original Poster
Rep: Reputation: 15
My friend still has no luck viewing it. Can you try so that i'll know if its his problem or mine. http://193.193.168.140 It should have my website on it. Ps. I can view the site from that link.
 
Old 12-07-2003, 09:09 AM   #9
druuna
LQ Veteran
 
Registered: Sep 2003
Posts: 10,532
Blog Entries: 7

Rep: Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387Reputation: 2387
No luck on this side.

No http, no ftp, no ssh. All 'connection refused' or 'could no connect to'. I am able to ping you.

Does Cablesurf allow local hosted webpages??
 
Old 12-07-2003, 09:13 AM   #10
siphi
Member
 
Registered: Oct 2003
Location: Ireland
Distribution: Ubuntu Breezy, Kubuntu Breezy
Posts: 78

Original Poster
Rep: Reputation: 15
yeah. Its a small host of about 700 users on a 250meg line. So they dont really care what you do with the connection. Ill put up the iptables thing after i did that allow command.

ACCEPT tcp -- 0.0.0.0/0 193.193.168.140 tcp dpt:80 state NEW
ACCEPT udp -- 66.187.233.4 0.0.0.0/0 udp spt:123 dpt:123
ACCEPT udp -- 66.187.233.4 0.0.0.0/0 udp spt:123 dpt:123
ACCEPT udp -- 193.193.165.21 0.0.0.0/0 udp spt:53 dpts:1025:65535
ACCEPT udp -- 193.193.165.20 0.0.0.0/0 udp spt:53 dpts:1025:65535
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spts:67:68 dpts:67:68
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spts:67:68 dpts:67:68
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:0:1023 flags:0x16/0x02 reject-with icmp-port-unreachable
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:2049 flags:0x16/0x02 reject-with icmp-port-unreachable
REJECT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:0:1023 reject-with icmp-port-unreachable
REJECT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:2049 reject-with icmp-port-unreachable
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:6000:6009 flags:0x16/0x02 reject-with icmp-port-unreachable
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:7100 flags:0x16/0x02 reject-with icmp-port-unreachable
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Apache - New Vulnerabilities (RH9) jon3k Linux - Security 4 11-18-2004 03:15 PM
RH9 Upgrade of Apache 2.0.40 to 2.0.45 jazz23 Linux - Newbie 4 03-25-2004 10:58 PM
apache 2.0 in RH9 tpark Linux - Networking 3 02-09-2004 06:51 PM
Configuring Apache 2 on RH9 verbal Linux - Software 3 10-28-2003 11:15 PM
apache webserver on rh9 navinc Programming 13 08-21-2003 06:43 PM


All times are GMT -5. The time now is 03:46 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration