Accessing linuxgalaxy.org from the outside world
Posted 12-16-2017 at 02:09 PM by kingbeowulf
Tags dns, firewall, port forwarding, server
After some maintenance on the antique hardware and a new hard drive, I decided to upgrade to slackware-14.2. All seemed ok until I noticed (months later) that the www.linuxgalaxy.org web site was no longer accessible from the outside world, as were murmur and ssh. All worked well from inside my network. Therefore, it's not a web/murmur/ssh server configuration. The firewall script is passing through the correct ports - even turned it off for a bit and no change. Thus, it's either:
- OpenWRT port forwarding - which hasn't changed in years
- afraid.freedns.org dynamic DNS configuration
- Comcast causing trouble
- new Netgear cable modem to replace the rented Arris from Comcast.
At this point, I'm a bit stumped as to what changed, or what I overlooked, when I upgraded Slackware.
Total Comments 1
Comments
-
I was going around in circles in assuming that 14.1 == 14.2 in terms of kernel netfilter configuration. After poking around the 4 corners of the internet, and some help from IRC ##slackware user dive, I found the culprit. I did set up everything correctly when upgrading to 14.2 EXCEPT one iptables rule for "New not Syn" that had changed, or had been edited sometime in the distant past.
Old Rule, works in 14.1 (?) not 14.2:
Code:
iptables -A bad_tcp_packets -p tcp --syn -m state --state NEW -j DROP
Code:
iptables -A bad_tcp_packets -p tcp -m conntrack --ctstate NEW -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -j DROP
Posted 12-31-2017 at 03:02 AM by kingbeowulf
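An added example, not part of the original post: a small Python model of what each of the two rules above matches, showing that the first drops the opening SYN of every new inbound connection while the second drops only NEW packets that are not a clean SYN. The sample packets and their conntrack states are constructed, and `-m state --state NEW` and `-m conntrack --ctstate NEW` are modelled as the same test, which is an assumption of this sketch.

```python
# Added example: models the match logic of the two rules on constructed packets.
# TCP flag bits as they appear in the TCP header.
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

def tcp_flags_match(flags, mask, comp):
    """iptables --tcp-flags MASK COMP: of the flags in MASK, exactly those in COMP are set."""
    return (flags & mask) == comp

def syn_match(flags):
    """iptables --syn is shorthand for --tcp-flags FIN,SYN,RST,ACK SYN."""
    return tcp_flags_match(flags, FIN | SYN | RST | ACK, SYN)

def old_rule_drops(flags, ctstate):
    # -p tcp --syn -m state --state NEW -j DROP
    return syn_match(flags) and ctstate == "NEW"

def new_rule_drops(flags, ctstate):
    # -p tcp -m conntrack --ctstate NEW -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -j DROP
    return ctstate == "NEW" and not syn_match(flags)

# Constructed sample packets: (description, TCP flags, assumed conntrack state)
PACKETS = [
    ("client opens connection (SYN)", SYN, "NEW"),
    ("stray ACK with no tracked connection", ACK, "NEW"),
    ("FIN probe with no tracked connection", FIN, "NEW"),
    ("malformed SYN+FIN", SYN | FIN, "NEW"),
    ("data on an open connection (PSH,ACK)", PSH | ACK, "ESTABLISHED"),
]

def verdicts():
    """Return (description, dropped_by_old_rule, dropped_by_new_rule) per packet."""
    return [(d, old_rule_drops(f, s), new_rule_drops(f, s)) for d, f, s in PACKETS]

if __name__ == "__main__":
    # "pass" means the rule does not match and the packet continues down the chain.
    for desc, old, new in verdicts():
        print(f"{desc:40} old={'DROP' if old else 'pass'}  new={'DROP' if new else 'pass'}")
```
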