I set up apache (apache2) to create a moodle server, but I can't get it to work globally. Here is the rub:

http://192.168.0.150 works beautifully, showing me the index page at /var/www

http://mysite.homelinux.org (my dyndns) or http://96.49.75.14 (my current IP address) doesn't work.

ssh works well globally, i.e. ssh -l myname mysite.homelinux.org works.

pinging mysite.homelinux.org works without a problem.

Ports 22, 80 and 443 are open on my router (checked my router's settings).

I use ubuntu 10.4. Is it an iptables problem, as in http://www.linuxquestions.org/questi...achine-750157/ ? But I couldn't figure out the iptables manpage. Please help if you can.

Did you forward port 80 from your router to 192.168.0.150 ?

What address(es) is Apache listening on (netstat -nap | grep -E "LISTEN.*(httpd|apache)")?

Thanks! Great question. I just looked at a screenshot and it looks like port 22 (ssh) is forwarded to 192.168.0.150 while port 80 is forwarded to 0.0.0.0. I'll change it when I get home and report on whether that fixes the problem.

Yeah you have to make sure port 80 is forwarded to the correct ip address. I know this because I spent around 6 hours last month having the exact same problem lol.

Justin

No luck though! In the advanced tab of my router, I changed

Virtual Server HTTP 0.0.0.0 TCP 80/80 always

to

Virtual Server HTTP 192.168.0.150 TCP 80/80 always,

expecting triumph, but it turned out the problem didn't go away.

http://192.168.0.150 still works beautifully,

http://96.49.75.14 (my current IP address) or http://myname.homelinux.org (my dyndns) don't ("The server at 96.49.75.14 is taking too long to respond")

What else needs to be checked?

Are you accepting the incoming connections on your router? If you have blocked them then there is no meaning in forwarding them.
And I am not able to ping your ip address.

Sorry, I should have mentioned that I changed the temporary IP address just a bit because I didn't know if it would be a security risk to put it on a public forum. I tried pinging it and it works fine (again, I changed the IP address a bit).

ping -c 4 96.49.75.14
PING 96.49.75.14 (96.49.75.14) 56(84) bytes of data.
64 bytes from 96.49.75.14: icmp_seq=1 ttl=127 time=2.90 ms
64 bytes from 96.49.75.14: icmp_seq=2 ttl=127 time=2.90 ms
64 bytes from 96.49.75.14: icmp_seq=3 ttl=127 time=2.95 ms
64 bytes from 96.49.75.14: icmp_seq=4 ttl=127 time=2.93 ms

--- 96.49.75.14 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 2.900/2.924/2.951/0.043 ms

Then:

ping -c 4 myname.homelinux.org
PING myname.homelinux.org (96.49.75.14) 56(84) bytes of data.
64 bytes from S01060014c20eff70.vc.shawcable.net (96.49.75.14): icmp_seq=1 ttl=1
27 time=1.18 ms
64 bytes from S01060014c20eff70.vc.shawcable.net (96.49.75.14): icmp_seq=2 ttl=1
27 time=2.57 ms
64 bytes from S01060014c20eff70.vc.shawcable.net (96.49.75.14): icmp_seq=3 ttl=1
27 time=2.94 ms
64 bytes from S01060014c20eff70.vc.shawcable.net (96.49.75.14): icmp_seq=4 ttl=1
27 time=2.92 ms

--- myname.homelinux.org ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 1.184/2.408/2.946/0.724 ms

I just went into my router again and found a filters tab. It says

TCP 80 always

with IP range *, but it seems to be `disabled'. I enabled it and tried

http://96.49.75.16

no luck, so I changed it back to disabled (and it still doesn't work).

I just tried https://www.grc.com/x/ne.dll?bh0bkyd2 (Shield Up) and it appears that my ISP is blocking port 80. I guess I'll have to talk to them (Shaw).

All right. I went through ShieldsUP and you were right, they can ping me, but they can't get through at port 80. So I talked to my internet service provider, Shaw, and they said:

So, my Virtual Servers List on my router points port 80 to 192.168.0.150, the filter for port 80 on the router is disabled, my ISP doesn't block port 80. I am wondering if there is a firewall on ubuntu 10.4 (that I certainly didn't install) that may be blocking port 80. How would I find out?

I ran "netstat -nap" and looked for apache in the output. There was nothing. Is that the problem?

I use Shaw cable in the greater Vancouver area, and have run a HTTP server on port 80 for years. Other people that I know do the same.

Your problem may be at the router, or on your local LAN, or on your web server. To isolate, first start by listening with something non-apache, like netcat (nc). Turn off Apache, temporarily, and run
Try to make connections to your server from outside and from inside your LAN. If netcat shows a connection & HTTP request, then you can focus on your web server setup. Otherwise, seek to find problems on the router, or LAN. Since you already said that the server responds to requests from the LAN, it is reasonable to expect that the server is configured properly, and that there is no firewall intervening.
If you can provide more details about your router and what configuration you've performed to set up for your web server, perhaps someone can identify a problem there. If you had used a Linux based firewall, I think many people could advise you.
---- rod.

Thanks. Yes, it isn't Shaw. (And I don't think it is my router.) I think it has to do with my apache setup, but I still can't find the problem. I added

to apache2.conf which now makes apache start and stop without errors. But after starting apache

does not yield anything, and according to http://kb.parallels.com/en/1481 it should yield something like

I tried netcat but the manual page tells me that the -p and the -l option are incompatible. In any case, I tried

and many permutations but kept getting the netcat error message

so if you could resend that command to make it work I'd really appreciate it.

BTW, my hostname and `myname' in the servername myname.homelinux.org are not identical. I am quite foggy on hostnames, servernames, domainnames and their black magic, so I thought I'd mention it.

I also found a very nice website which demonstrates my problem. http://ping.eu/ will ping myname.homelinux.org without a problem, but when I do their port check it shows me that my port 80 is closed.

Okay, apparently different versions of netcat have different arguments. On my Fedora 9 host, this works:
On a locally connected Debian host, I doand on the F9 host, I see
while the Debian client side says
Not that the HTTP transfer does not complete, because netcat is not an HTTP server, and because I terminated it with Ctrl-C.

Hope this helps.

--- rod.

I ran

to stop apache2. Then I ran

which yielded

Then I ran, on a locally connected machine,

which yielded

then I ran

on the same locally connected computer (my computer's IP address [with a digit changed for privacy], according to whatsmyip.org) -- no response. I don't think it would have been any different on an external computer (not local), because I tried that several times yesterday and never got a response. So everything looks the same as on Rod's computer, but I can't open port 80 to the outside world.

Please keep helping. You guys have been awesome so far.

I ran

to stop apache2. Then I ran

which yielded

Then I ran, on a locally connected machine,

which yielded

then I ran

on the same locally connected computer (my computer's IP address [with a digit changed for privacy], according to whatsmyip.org) -- no response. I don't think it would have been any different on an external computer (not local), because I tried that several times yesterday and never got a response. So everything looks the same as on Rod's computer, but I can't open port 80 to the outside world.

Please keep helping. You guys have been awesome so far.

Stupid question (I'm sure you thought if this...)

But did you set the "ServerName" in the http.conf file? Are you using VirtualHosts?

If you're forwarding the right ports to the right ip then maybe the conf file is the issue?

Have you tried hitting your site with your external ip yet?