connection refused
 

Howdy:

On my home network I'm getting "network connection refused" messages when attempting to access an Apache 2.0.40 web server on Redhat 8.0.

eth0 gets its ip through dhcp and I can ping the interface. Apache is up and accessible on the local machine throught its ip address.

Even a telnet session gets a "connection refused."

Is there additional configuration required to allow connections on a LAN ?

Thanking you in advance,

Rico

Either you have your firewall setup to not allow http of telnet connections or your tcpwrappers are not allowing connections.

Hi Crashed_again:

Thanks for getting back to me.

I believe its not the firewall because other machines (solaris and NT) are allowed telnet sessions on port 80.

I took a quick look at tcpwrappers and xinetd. My current hosts.allow is empty and my xinetd.d directory lists servers and services with only:

service services{
type = INTERNAL UNLISTED
...
}

Should I simply update hosts.allow with the ip of the host I want to allow access or should I also add a new server or service ?

Any syntax corrections would also be appreciated.

Thanks,

Rico

What does your /etc/hosts.deny file look like? I may be on the wrong track here with these tcpwrappers but its worth a shot. Just to make sure that its not your tcpwrappers add:

ALL:ALL

to your /etc/hosts.allow file and then restart xinetd by doing:

/etc/init.d/xineted restart

Hi:

hosts.deny is empty.

Once I added ALL:ALL the telnet session tried to connect and timed out. The browser still gets access denied.

I also checked my /var/log/messages on xinetd and there's a warning "can't get client address: Transport endpoint is not connected"

Are you familiar with this ?

Rico

Are you trying to access these resources through IP:

http://ip.address.goes.here

telnet ip.address.goes.here

What is your network setup like? How are you other machines connected to the Apache and Telnet server?

Hi:

Yes, I'm address Apache as http://192.168.1.102/

I have a Ultra10 with Solaris 9, a NT 2002 Advanced Server and two Redhat 8.0 machines. All access a cable modem through an 8 port Linksys cable router.

All browsers on all machines can get outside the firewall, all browsers on all machines can acces web servers on the NT and Sparc machines. Apache is available locally on the Redhat machines, I can ping the interfaces on both Redhat machines, but I get access denied from Apache from inside the firewall.

R

Hi All:

Problem solved.

This was a configuration issue. When Redhat 8.0 is first installed a firewall setting is established through lokkit. In this case it was the firewall setting that caused the connection refused messages when attempting to access apache remotely.

Much thanks to Crashed_Again !

Best wishes,

Richard

I have the same problem.
How/what did you fix on your configuration?

Thanks.

how to fix the problem
 

I had this problem as well, and just now figured a way around it. I, too, am using Red Hat 8.0 and am a new apache user (though I've fiddled with Linux for a little while). The lokkit application can be run by typing /usr/sbin/lokkit at a command line (as root). Strangely, once I made changes and selected OK, the changes were lost. I finally just stopped the iptables service and that fixed the problem. [ Red Hat button --> Server settings --> Services --> iptables, then click stop. You may wish to remove the check mark to prevent iptables from running at startup. ]

Um, certainly stopping iptables will solve the problem but only because you no longer have a firewall. If that computer is connected to the internet, it is toast.

A better approach would be to configure your firewall to allow traffic to port 80. iptables -L will display your firewall rules. If you have trouble, post 'em in a new thread and ask for help.

Yes, I'm very aware that that stopping iptables leaves no firewall. I posted quite literally moments after discovering that it was indeed a firewall issue. Perhaps I should have been more clear when I said "fix." It was really the first stage of a fix, the second being allowing only http traffic on port 80. Thanks for pointing that out.