LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices

Reply
 
Search this Thread
Old 03-14-2007, 11:57 AM   #1
vdemuth
Member
 
Registered: Oct 2003
Location: West Midlands, UK
Distribution: Slackware 14 (Server),Suse 13.1 (Desktop),, Mepis on the wifes lappy
Posts: 768

Rep: Reputation: 92
Firewall prevents dhcp server from operating, plus other problems.


Hi all,

I suppose this might well belong in the networking forum, but as it also relates to my use of Slackware, i guess this is the best place for it, so here goes.

I have a box setup up with the following servers running:-

Apache
Mysql
Squid
Dhcp

I also have a firewall running using iptables. Now my problem is that when the firewall is active, the dhcp server doesn't serve any IPs, and only by stopping it with /etc/rc.d/rc.firewall stop can I get the dhcp server to allocate IPs when requested
Thats problem No. 1 and the most important to solve.

Secondly, the squid proxy server doesn't seem to do transparent proxying when apache is running, and so just some advice on this issue. As I understand it, most, if not all web browsers are looking for http requests on port 80, which is where my apache serves its pages to, and also where squid expects tranparent redirection requests to be called from. To save having to set up each browser on the network to utilise the proxy address, this seems to be how squid needs to operate. So if I change the port that apache is running on to overcome this, how do I then get the webserver index page to be served just by entering the site address as I had previously done, or would I now need to append the address with the port No.

Hope this makes sense to someone, and looking forward to the answer.

TIA
 
Old 03-14-2007, 12:21 PM   #2
GrapefruiTgirl
Guru
 
Registered: Dec 2006
Location: underground
Distribution: Slackware64
Posts: 7,594

Rep: Reputation: 550Reputation: 550Reputation: 550Reputation: 550Reputation: 550Reputation: 550
RE: problem # 1 - I can't recall the exact contents of the default rc.firewall script, but I do recall it being well commented. If it allows/provides for RULES to be added or changed (which I'm fairly sure it does) then you would need to create rule(s) to allow incoming and outgoing packets on the ports and protocols necessary for the DHCP server to communicate and respond on.
I use LutelWall firewall in my Slackware, which provides VERY easy configuration of incoming and outgoing rules for every protocol there is, and what ports are used for what. But most firewalls allow for similar configuration.
As a last resort on this subject, you may want/need to implement the iptables rules yourself, but the firewall should allow for it in a much simpler way.

Problem # 2 - Seems you need a redirection in Apache, such that when it receives requests at
123.456.789.321 it would redirect them to the IP & port they should actually be going to. Like an alias. But, this is better suited to someone else for really accurate info So hopefully atleast the firewall info helps a bit!
Best of luck..
 
Old 03-15-2007, 11:24 AM   #3
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
regarding the first issue, the ISC DHCP daemon isn't affected by iptables rules (although maybe things have changed now)... if you are using another dhcp daemon, such as dnsmasq or something, you need rules like this:
Code:
iptables -I INPUT -p UDP --dport 67 --sport 68 -j ACCEPT
iptables -I OUTPUT -p UDP --dport 68 --sport 67 -j ACCEPT
the second rule is of course optional depending on your setup...

regarding the second issue, i don't think i've had enough coffee yet so i'm not positive that i understand the issue correctly - but wouldn't you be able to work-around it by having your apache listen on a different IP (alias)??

Last edited by win32sux; 03-19-2007 at 12:45 PM.
 
Old 03-19-2007, 01:53 AM   #4
vdemuth
Member
 
Registered: Oct 2003
Location: West Midlands, UK
Distribution: Slackware 14 (Server),Suse 13.1 (Desktop),, Mepis on the wifes lappy
Posts: 768

Original Poster
Rep: Reputation: 92
Thanks to both of you for the suggestions made. a change to the firewall rules as suggested by win32sux has done the job as far as the DHCP server is concerned. And the other problem with using Apache with Squid, with them both using port 80 was solved by following the advice I found here:-

http://meta.wikimedia.org/wiki/Squid_caching
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Firewall prevents socket from closing promptly kev1 Linux - Networking 2 01-10-2007 09:19 AM
Suse 9.2 firewall prevents 'ping' on local network? Steerpike Suse/Novell 5 11-27-2004 05:56 PM
firewall prevents dns access newbix Linux - Security 3 12-08-2003 11:46 PM
dhcp server and iptables firewall m021998 Linux - Networking 3 09-15-2003 06:35 PM
XP Pro Build 2600/sp1 v.1105 DHCP Client to Redhat 8.0 DHCP Server - Problems atomant Linux - Networking 5 06-28-2003 11:24 AM


All times are GMT -5. The time now is 08:15 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration