LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   Suddenly unable to connect to my web server and my ftp server. HELP! (https://www.linuxquestions.org/questions/linux-software-2/suddenly-unable-to-connect-to-my-web-server-and-my-ftp-server-help-184877/)

Silly22 05-23-2004 01:23 PM
Suddenly unable to connect to my web server and my ftp server. HELP!
 
Ok, I've had a Mandrake Linux 9.2 machine running for the past 5-7 months with no problems. I was able to access my Apache httpd server on port 80, and my proftpd server on port 21 no problem until May 20 last week.

I use shorewall to manage the iptables rules, and I had the rules correctly setup to accept port 80 and 21 from both my masqueraded internal network and from the Internet outside.

Suddenly, on May 20, I couldn't connect from outside my network to either my ftp daemon nor my http daemon on this Mandrake box. When I say I "couldn't connect" I mean that it timed out every time I tried to access my httpd or ftpd server. However, I am still able to connect to these two daemons from inside (from my masqueraded machines) my network though.

So, I decided to do some tests. I rewrote the shorewall rules so that ports 80 and 21 were no longer accepted and thereby logged at kernel.info level. I got a remote machine to make an ftp attempt on port 21 and an HTTP request on port 80. These attempts were successfully logged into /var/log/kernel/info. So I thought, this is good, something's getting to my machine.

Then I reconfigured proftpd to run on port 2222, and I opened port 2222 through shorewall. I used a remote machine to get onto my ftp daemon on port 2222; it worked no sweat.

So now I'm stuck, I still need my httpd server on port 80 to work and all I get is a timeout when I attempt to access it from outside my network.

rottie 05-23-2004 01:40 PM
Have you tried running tcpdump and watch wether the traffic from outside reaches your machine?
Is there a firewall between your machine and the outside network? What kind of connection do you have with the outside network? Maybe your provider started blocking some ports?

When you say this suddenly started I take it that you did no changes on your network that time?

drigz 05-23-2004 02:20 PM
some isps wont block port 80 as they dont want you running a webserver without paying extra. perhaps the same goes for 21. my guess would be that your isp decided to starting blocking these ports. give them a call.

Silly22 05-23-2004 03:24 PM
Quote:
When you say this suddenly started I take it that you did no changes on your network that time?
That's right, I did not make any changes to my server and it just suddenly stopped working.

I don't have any other firewalls between the Mandrake machine and my DSL modem.

I tried the command tcpdump in my shell as root, and it says "command not found"

I did try typing "more /proc/net/ip_conntrack" whilst I made a remote computer attempt to connect, here's an excerpt

Code:
tcp      6 28 SYN_RECV src=129.128.98.44 dst=1XX.166.2XX.XX sport=34986 dport=80 src=1XX.166.2XX.XX dst=129.128.98.44 sport=80 dport=34986 use=1
I also tried configuring apache to listen on port 8000, instead of port 80, this worked perfectly...

I'm very much suspecting now that my ISP is blocking my OUTGOING responses to requests made on port 80 and port 21.

drigz 05-23-2004 04:42 PM
as i said, jsut call them up and ask them. i might have to switch to another isp, or pay extra...


All times are GMT -5. The time now is 03:45 AM.