LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 05-20-2010, 09:24 AM   #1
evaristegalois
Member
 
Registered: Sep 2006
Distribution: Ubuntu 14.04
Posts: 33

Rep: Reputation: 15
apache works locally but not globally


I set up apache (apache2) to create a moodle server, but I can't get it to work globally. Here is the rub:

http://192.168.0.150 works beautifully, showing me the index page at /var/www

http://mysite.homelinux.org (my dyndns) or http://96.49.75.14 (my current IP address) doesn't work.

ssh works well globally, i.e. ssh -l myname mysite.homelinux.org works.

pinging mysite.homelinux.org works without a problem.

Ports 22, 80 and 443 are open on my router (checked my router's settings).

I use ubuntu 10.4. Is it an iptables problem, as in http://www.linuxquestions.org/questi...achine-750157/ ? But I couldn't figure out the iptables manpage. Please help if you can.
 
Old 05-20-2010, 09:57 AM   #2
AlucardZero
Senior Member
 
Registered: May 2006
Location: USA
Distribution: Debian
Posts: 4,650

Rep: Reputation: 525Reputation: 525Reputation: 525Reputation: 525Reputation: 525Reputation: 525
Did you forward port 80 from your router to 192.168.0.150 ?

What address(es) is Apache listening on (netstat -nap | grep -E "LISTEN.*(httpd|apache)")?
 
Old 05-20-2010, 12:24 PM   #3
evaristegalois
Member
 
Registered: Sep 2006
Distribution: Ubuntu 14.04
Posts: 33

Original Poster
Rep: Reputation: 15
Thanks! Great question. I just looked at a screenshot and it looks like port 22 (ssh) is forwarded to 192.168.0.150 while port 80 is forwarded to 0.0.0.0. I'll change it when I get home and report on whether that fixes the problem.
 
Old 05-20-2010, 03:50 PM   #4
jscherer92
Member
 
Registered: May 2010
Location: Illinois
Distribution: Ubuntu 10.04
Posts: 43

Rep: Reputation: 16
Yeah you have to make sure port 80 is forwarded to the correct ip address. I know this because I spent around 6 hours last month having the exact same problem lol.

Justin

Last edited by Tinkster; 05-24-2010 at 12:31 AM. Reason: link spam removed
 
Old 05-21-2010, 01:13 AM   #5
evaristegalois
Member
 
Registered: Sep 2006
Distribution: Ubuntu 14.04
Posts: 33

Original Poster
Rep: Reputation: 15
No luck though! In the advanced tab of my router, I changed

Virtual Server HTTP 0.0.0.0 TCP 80/80 always

to

Virtual Server HTTP 192.168.0.150 TCP 80/80 always,

expecting triumph, but it turned out the problem didn't go away.

http://192.168.0.150 still works beautifully,

http://96.49.75.14 (my current IP address) or http://myname.homelinux.org (my dyndns) don't ("The server at 96.49.75.14 is taking too long to respond")

What else needs to be checked?
 
Old 05-21-2010, 01:37 AM   #6
linuxlover.chaitanya
Senior Member
 
Registered: Apr 2008
Location: Nagpur, India
Distribution: Cent OS 5/6, Ubuntu Server 10.04
Posts: 4,628

Rep: Reputation: Disabled
Are you accepting the incoming connections on your router? If you have blocked them then there is no meaning in forwarding them.
And I am not able to ping your ip address.
 
Old 05-21-2010, 09:46 AM   #7
evaristegalois
Member
 
Registered: Sep 2006
Distribution: Ubuntu 14.04
Posts: 33

Original Poster
Rep: Reputation: 15
Sorry, I should have mentioned that I changed the temporary IP address just a bit because I didn't know if it would be a security risk to put it on a public forum. I tried pinging it and it works fine (again, I changed the IP address a bit).

ping -c 4 96.49.75.14
PING 96.49.75.14 (96.49.75.14) 56(84) bytes of data.
64 bytes from 96.49.75.14: icmp_seq=1 ttl=127 time=2.90 ms
64 bytes from 96.49.75.14: icmp_seq=2 ttl=127 time=2.90 ms
64 bytes from 96.49.75.14: icmp_seq=3 ttl=127 time=2.95 ms
64 bytes from 96.49.75.14: icmp_seq=4 ttl=127 time=2.93 ms

--- 96.49.75.14 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 2.900/2.924/2.951/0.043 ms

Then:

ping -c 4 myname.homelinux.org
PING myname.homelinux.org (96.49.75.14) 56(84) bytes of data.
64 bytes from S01060014c20eff70.vc.shawcable.net (96.49.75.14): icmp_seq=1 ttl=1
27 time=1.18 ms
64 bytes from S01060014c20eff70.vc.shawcable.net (96.49.75.14): icmp_seq=2 ttl=1
27 time=2.57 ms
64 bytes from S01060014c20eff70.vc.shawcable.net (96.49.75.14): icmp_seq=3 ttl=1
27 time=2.94 ms
64 bytes from S01060014c20eff70.vc.shawcable.net (96.49.75.14): icmp_seq=4 ttl=1
27 time=2.92 ms

--- myname.homelinux.org ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 1.184/2.408/2.946/0.724 ms

I just went into my router again and found a filters tab. It says

TCP 80 always

with IP range *, but it seems to be `disabled'. I enabled it and tried

http://96.49.75.16

no luck, so I changed it back to disabled (and it still doesn't work).
 
Old 05-21-2010, 09:54 AM   #8
evaristegalois
Member
 
Registered: Sep 2006
Distribution: Ubuntu 14.04
Posts: 33

Original Poster
Rep: Reputation: 15
I just tried https://www.grc.com/x/ne.dll?bh0bkyd2 (Shield Up) and it appears that my ISP is blocking port 80. I guess I'll have to talk to them (Shaw).
 
Old 05-21-2010, 01:10 PM   #9
evaristegalois
Member
 
Registered: Sep 2006
Distribution: Ubuntu 14.04
Posts: 33

Original Poster
Rep: Reputation: 15
All right. I went through ShieldsUP and you were right, they can ping me, but they can't get through at port 80. So I talked to my internet service provider, Shaw, and they said:

Quote:
there is nothing we can assist you with - we do not block ports and this is strictly router related -
let me confirm -
we are not blocking port 80-
if it is not working it may be router related - this is not supported by shaw.
So, my Virtual Servers List on my router points port 80 to 192.168.0.150, the filter for port 80 on the router is disabled, my ISP doesn't block port 80. I am wondering if there is a firewall on ubuntu 10.4 (that I certainly didn't install) that may be blocking port 80. How would I find out?

I ran "netstat -nap" and looked for apache in the output. There was nothing. Is that the problem?
 
Old 05-21-2010, 03:44 PM   #10
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,395
Blog Entries: 2

Rep: Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903
I use Shaw cable in the greater Vancouver area, and have run a HTTP server on port 80 for years. Other people that I know do the same.

Your problem may be at the router, or on your local LAN, or on your web server. To isolate, first start by listening with something non-apache, like netcat (nc). Turn off Apache, temporarily, and run
Code:
nc -p 80 -l -vv
Try to make connections to your server from outside and from inside your LAN. If netcat shows a connection & HTTP request, then you can focus on your web server setup. Otherwise, seek to find problems on the router, or LAN. Since you already said that the server responds to requests from the LAN, it is reasonable to expect that the server is configured properly, and that there is no firewall intervening.
If you can provide more details about your router and what configuration you've performed to set up for your web server, perhaps someone can identify a problem there. If you had used a Linux based firewall, I think many people could advise you.
---- rod.
 
Old 05-21-2010, 06:21 PM   #11
evaristegalois
Member
 
Registered: Sep 2006
Distribution: Ubuntu 14.04
Posts: 33

Original Poster
Rep: Reputation: 15
Thanks. Yes, it isn't Shaw. (And I don't think it is my router.) I think it has to do with my apache setup, but I still can't find the problem. I added

Quote:
# added servername to avoid the could not determine fqdn error
ServerName myname.homelinux.org
to apache2.conf which now makes apache start and stop without errors. But after starting apache

Quote:
netstat -l | grep http
does not yield anything, and according to http://kb.parallels.com/en/1481 it should yield something like

Quote:
tcp 0 0 *:http *:* LISTEN
I tried netcat but the manual page tells me that the -p and the -l option are incompatible. In any case, I tried

Quote:
nc -p 80 -l -vv
and many permutations but kept getting the netcat error message

Quote:
usage: nc [-46DdhklnrStUuvzC] [-i interval] [-P proxy_username] [-p source_port]
[-s source_ip_address] [-T ToS] [-w timeout] [-X proxy_protocol]
[-x proxy_address[ort]] [hostname] [port[s]]
so if you could resend that command to make it work I'd really appreciate it.

BTW, my hostname and `myname' in the servername myname.homelinux.org are not identical. I am quite foggy on hostnames, servernames, domainnames and their black magic, so I thought I'd mention it.

I also found a very nice website which demonstrates my problem. http://ping.eu/ will ping myname.homelinux.org without a problem, but when I do their port check it shows me that my port 80 is closed.

Last edited by evaristegalois; 05-21-2010 at 06:24 PM.
 
Old 05-22-2010, 04:23 PM   #12
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,395
Blog Entries: 2

Rep: Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903Reputation: 903
Okay, apparently different versions of netcat have different arguments. On my Fedora 9 host, this works:
Code:
sudo nc -l -vv 80
On a locally connected Debian host, I do
Code:
$ wget http://192.168.0.11
and on the F9 host, I see
Code:
Connection from 192.168.0.17 port 80 [tcp/http] accepted
GET / HTTP/1.0
User-Agent: Wget/1.11.4
Accept: */*
Host: 192.168.0.11
Connection: Keep-Alive
^C
while the Debian client side says
Code:
--2010-05-22 13:17:50--  http://192.168.0.11/
Connecting to 192.168.0.11:80... connected.
HTTP request sent, awaiting response...
No data received.
Retrying.

--2010-05-22 13:18:18--  (try: 2)  http://192.168.0.11/
Connecting to 192.168.0.11:80... failed: Connection refused.
Not that the HTTP transfer does not complete, because netcat is not an HTTP server, and because I terminated it with Ctrl-C.

Hope this helps.

--- rod.

Last edited by theNbomr; 05-22-2010 at 04:25 PM.
 
Old 05-22-2010, 11:57 PM   #13
evaristegalois
Member
 
Registered: Sep 2006
Distribution: Ubuntu 14.04
Posts: 33

Original Poster
Rep: Reputation: 15
I ran

Quote:
sudo apache2ctl stop
to stop apache2. Then I ran

Quote:
sudo nc -l -vv 80
which yielded

Quote:
Connection from 192.168.0.105 port 80 [tcp/www] accepted
GET / HTTP/1.0
User-Agent: Wget/1.11.4
Accept: */*
Host: 192.168.0.150
Connection: Keep-Alive
Then I ran, on a locally connected machine,

Quote:
wget http://192.168.0.150
which yielded

Quote:
wget http://192.168.0.150
--2010-05-22 20:49:42-- http://192.168.0.150/
Connecting to 192.168.0.150:80... connected.
HTTP request sent, awaiting response... ^C
then I ran

Quote:
wget http://96.49.75.14
on the same locally connected computer (my computer's IP address [with a digit changed for privacy], according to whatsmyip.org) -- no response. I don't think it would have been any different on an external computer (not local), because I tried that several times yesterday and never got a response. So everything looks the same as on Rod's computer, but I can't open port 80 to the outside world.

Please keep helping. You guys have been awesome so far.
 
Old 05-22-2010, 11:57 PM   #14
evaristegalois
Member
 
Registered: Sep 2006
Distribution: Ubuntu 14.04
Posts: 33

Original Poster
Rep: Reputation: 15
I ran

Quote:
sudo apache2ctl stop
to stop apache2. Then I ran

Quote:
sudo nc -l -vv 80
which yielded

Quote:
Connection from 192.168.0.105 port 80 [tcp/www] accepted
GET / HTTP/1.0
User-Agent: Wget/1.11.4
Accept: */*
Host: 192.168.0.150
Connection: Keep-Alive
Then I ran, on a locally connected machine,

Quote:
wget http://192.168.0.150
which yielded

Quote:
wget http://192.168.0.150
--2010-05-22 20:49:42-- http://192.168.0.150/
Connecting to 192.168.0.150:80... connected.
HTTP request sent, awaiting response... ^C
then I ran

Quote:
wget http://96.49.75.14
on the same locally connected computer (my computer's IP address [with a digit changed for privacy], according to whatsmyip.org) -- no response. I don't think it would have been any different on an external computer (not local), because I tried that several times yesterday and never got a response. So everything looks the same as on Rod's computer, but I can't open port 80 to the outside world.

Please keep helping. You guys have been awesome so far.
 
Old 05-23-2010, 12:30 AM   #15
custangro
Senior Member
 
Registered: Nov 2006
Location: California
Distribution: Fedora , CentOS , Solaris 10, RHEL
Posts: 1,935
Blog Entries: 1

Rep: Reputation: 188Reputation: 188
Quote:
Originally Posted by evaristegalois View Post
I ran



to stop apache2. Then I ran



which yielded


Then I ran, on a locally connected machine,



which yielded



then I ran



on the same locally connected computer (my computer's IP address [with a digit changed for privacy], according to whatsmyip.org) -- no response. I don't think it would have been any different on an external computer (not local), because I tried that several times yesterday and never got a response. So everything looks the same as on Rod's computer, but I can't open port 80 to the outside world.

Please keep helping. You guys have been awesome so far.
Stupid question (I'm sure you thought if this...)

But did you set the "ServerName" in the http.conf file? Are you using VirtualHosts?

If you're forwarding the right ports to the right ip then maybe the conf file is the issue?

Have you tried hitting your site with your external ip yet?
 
  


Reply

Tags
apache, server, web


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Fedora Core 11 - Apache works locally but not from a different machine vuhuynh Linux - Newbie 5 08-26-2009 08:09 AM
sendmail: can receive all; send locally, but not globally gesho Linux - Server 2 09-17-2007 10:34 PM
biff works over ssh but not locally (in Konsole) jashmenn Slackware 0 03-17-2006 08:23 PM
tightVNC works locally but not remotely? mikeli Linux - Software 2 02-01-2005 05:48 AM
sendmail - works locally but not from outside ereeno Linux - Software 5 02-03-2004 01:40 AM


All times are GMT -5. The time now is 06:21 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration