I have firewall that only has http traffic. I can connect to the server locally but when I go to antoher pc to connect it will not find server. I can access out onto the internet from the server and I can ping the computer and get a response from the client pc. What can I check to see what the issue is.

From a remote machine try
telnet server_ip_address 80
If you get 'Connection refused' it's your firewall or server configuration (the default is to accept connections from outside, however). My first guess would be to look at the firewall. Please post 'iptables -L' result.

Here is the output for my iptables. I can ping to computer but unable to connect to browser locally or from another computer.


when I type this (iptables -L) at command line I recieve the following:

Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere
ACCEPT udp -- anywhere anywhere udp spt:domain dpts :1024:65535
ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpt:http state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpt:http state NEW

Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anyUntitled 1where anywhere udp spts:1024:65535 dpt:domain
ACCEPT all -- anywhere anywhere state RELATED,ESTAB LISHED

Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp any
ACCEPT ipv6-crypt-- anywhere anywhere
ACCEPT ipv6-auth-- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTAB LISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:http state NEW
REJECT all -- anywhere anywhere reject-with icmp-ho st-prohibited


Also, when I type this (more /etc/sysconfig/iptables) at command line I recieve the following:

# Generated by iptables-save v1.2.9 on Thu Jun 23 10:31:41 2005
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [383:66745]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A INPUT -i eth0 -p udp -m udp --sport 53 --dport 1024:65535 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 1024:65535 --dport 80 -m state --state NEW -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 1024:65535 --dport 80 -m state --state NEW -j ACCEPT
-A FORWARD -j RH-Firewall-1-INPUT
-A OUTPUT -o eth0 -p udp -m udp --sport 1024:65535 --dport 53 -j ACCEPT
-A OUTPUT -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type 255 -j ACCEPT
-A RH-Firewall-1-INPUT -p esp -j ACCEPT
-A RH-Firewall-1-INPUT -p ah -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited


Please Help

I also recieved this error messgage when I try to restart/start my httpd server.

httpd failed. The error was: Starting httpd: (98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs
[FAILED]

It looks like it's rather something wrong with httpd. It stops, so you can't connect. First check what's using port 443. Run
netstat -l -p -n
and browse the list searching for something:443 in the 4th column. What can you see?

I changed the listen port from 80 to 88 and 443 to 448 and I was able to connect to webserver. I ran nmap and it shows that port 80, 53 and 443 tcp closed. How do I open these ports? Above is my iptables, is there any thing else that will cause it to be closed?

Please Help

Ports are open when a program is listening on them. In your case (the error you get) they seem to be closed, but still used at the same time. Switch back to standard port, try to run it, see if you get the error again and then browse netstst -l -n -p list. There should be a program using port 443. Which one?

I made a few changes in iptables. working now!