LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   so much trouble getting a server up! (https://www.linuxquestions.org/questions/linux-newbie-8/so-much-trouble-getting-a-server-up-219655/)

mindfestival 08-19-2004 08:35 AM

so much trouble getting a server up!
 
Hello all, just bought myself a new toy, the alcatel speedtouch pro adsl modem/hub/router. I also have an ftp (proftpd) and latest stable apache server running on my rh9 machine. I have enabled port fowarding on my modem, and told it to route <i>all</i> requests to port 80 from <i>all</i> sources to 192.168.0.2:80, the ip of the linux server. I have done likewise with port 21.
To verify that it is all working, here is the output of the blatantly edited, 'lists', produced from the router. NB:there is much more, but this is all that is relevant)
----------------
=>nat
[nat]=>lists
Indx Prot Inside-address:Port Outside-address:Port Foreign-address:Port Flgs Expir State Control
1 6 192.168.0.2:21 my.current.ip.add:21 0.0.0.0:0 instance
5 6 192.168.0.2:80 my.current.ip.add:80 0.0.0.0:0 instance
23 6 192.168.0.2:80 0.0.0.0:80 0.0.0.0:0 template
24 6 192.168.0.2:21 0.0.0.0:21 0.0.0.0:0 template
----------------
I have also registered myself a hostname with dyndns.org and have assured that the name points the current IP of the router. (double checked from whatismyip.com).

Onto my problem:
No-body can get to my linux server! not one. Only recently discovering that testing from within my lan doesnt work anyway, i rang a few mates and got them to test it, to my loss. All of them get a bit of lag , then "page not displayed". None of them can ping my ip directly either. This leads me to conclude that the router (i assume) is doing what i tell it to, that the packet gets fowarded and dies when it hits the linux machine, and that the problem must reside within the linux box somehow. I was suggested my another member of linuxquestions to stop iptables and try again, and unfortunately, it still seems unavailable! All of my services work perfectly fine from inside the LAN. I have done some searching to try and find out if a bug in the router is causing it, but have been unlucky in finding such complaints. If anyone out there has succesfully had a server running from behind an Alcatel SpeedTouchPro, please give me a hand! :)
Any help would be fantastic! Thanks for looking and taking the time..

mindfestival

0perat0r 08-19-2004 08:57 AM

I have a Linksys router which I have done ftp port forwarding on for Windows machine, and it worked, no problem. Shutting off the iptables service might work because that will defeat any firewall rules the Linux OS has emplaced. It appears you have done everything correctly on your router. Try putting your Linux machine in the DMZ, which will expose it to the Internet, but then you can really test if you are having problems with Linux in this regard. Also, you can physically bypass your router alltogether, and plug it directly into your Internet port. You will have to regonfigure your ehternet card in Linux with your WAN IP address. Hope this helps.

mindfestival 08-19-2004 09:49 AM

Hey 0perat0r, thanks for the reply. Unfortunately, shutting off the itpables service still did not do any good to outsiders, although i am able to ping hosts outide of my LAN. My router and modem and hub are an 'all in one' unit, so bypassing it, if i understand you correctly, isnt an option im afraid. Is my linux box not in the DMZ, a machine running services behind a router, or the router itself?

0perat0r 08-19-2004 10:08 AM

The DMZ is an acronym for demilitarized zone. Basically, when a amchine is placed in the DMZ (through your router settings), it is exposed to the Internet, and not subject to the restrictions of the router. If you put this machine in the DMZ, it will be "virtually" outside of the router, although it will be able to communcate with the rest of your LAN. For a better description of this term, see: http://www.webopedia.com/TERM/D/DMZ.html

mindfestival 08-19-2004 04:59 PM

Ok, that sounds like the best way to do real testing. Is it possible to put it in the DMZ, since all my computers connect into the one modem/routrer, arent they always considered to be 'behind' it?

0perat0r 08-19-2004 09:16 PM

Putting your Linux box in the dmz means that it is exposed to the Internet and can take any incoming traffic, irregardless of the rules of the firewall. This is very insecure, but should be effective for your (temporary) testing. Your users should be able to access the ftp server, or any server for that matter, unfettered by the router's firewall. If your router is the problem, this is probably a good way of testing that. Also see: http://www.homenethelp.com/web/expla...arding-dmz.asp

mindfestival 08-21-2004 12:57 AM

Alright thanks for the help! This is exaclty what i need to do, but how is it achieved? (As i have no way of going around the router, for it is my modem also...)
Would changing my routing table to suit:
Source: Any, Destination:Any, Gateway: routers local ip address,(or should i put the WAN IP?)
succesfully put all my PC's in the dmz?
You see it is actually more about how to do it, that is the problem ... :)
Also, would using this setup result in any further problems with my other 2 pc's? As they all have specified entries in the table.
Thankyou for you current feedback!

mindfestival

mindfestival 08-23-2004 06:08 AM

hrrm okay, just installed another httpd on my windows machine, and altered the routing lists, and still people are unable to connect, i think that this is definately a router problem.. besides this, thankyou for all your help!


All times are GMT -5. The time now is 02:41 AM.