LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 07-15-2004, 04:32 PM   #1
p_motch
LQ Newbie
 
Registered: Jul 2004
Distribution: Ubuntu
Posts: 6

Rep: Reputation: 0
Linux not accepting port forwarded packets?


My conclusion is that the Linux box running behind the Windows won't accpet the port forwarded packets. I could be completely wrong. Any help would be appreciated.

Scenario:
The Windows box is connected directly to the internet. The Windows box is using Internet Connection Sharing to sharing the Internet to the Linux box. The connection to the Linux box works perfectly. I used to have Apache running on the Windows box and now I have transfered it and got it running on the Linux box. The webserver works great accessing it by localhost on the Linux box, and I can even access the page on the Windows box by typing in its internal IP (192.168.xxx.xxx).

I want to be able to type in my domain name or IP address and have it forwarded from the Windows box to the Linux box (obviously). That's the problem. It doesn't work. The page won't display.

I have everything set up right on the Windows box. ICS is forwarding all port 80 packets to the port 80 on the linux box. I have a feeling that Linux might be blocking these forwarded packets??? Am I right? And what can I do to fix this???

Thanks!
 
Old 07-15-2004, 05:02 PM   #2
Zemmad
LQ Newbie
 
Registered: Apr 2004
Posts: 2

Rep: Reputation: 0
I've been trying to ge a solution for this problem too which i've been having for a while. Anyone out there can help, cause i'm unable to have the linux box connected directly to the internet.
 
Old 07-15-2004, 10:31 PM   #3
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 69
As far as Apache goes, have you modified the Apach config file to include the proper IP address to listen for? Also do netstat -pant and see what IP address Apache is listen for. Turn off firewall temporarily to see if that is potentially blocking traffic.

As far as general connectivity, can you ping each machine from the other (can Dos ping Linux and vice versa)? Again, try temporarily turning off any firewalls and see if you still can connect. If that still isn't working then try using tcpdump/ethereal to do a packet capture and see if anything is even making it through to the linux box.
 
Old 07-15-2004, 10:36 PM   #4
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 69
As a side note, using a windows box as the external firewall to an internal Linux box is really backwards and risky. The linux firewall is alot more powerfull and flexible than the Windows firewall. On top of that are windows security holes and the difficulty in hardening a windows box in general.
 
Old 07-15-2004, 10:44 PM   #5
ppuru
Senior Member
 
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791

Rep: Reputation: 50
Zemmad ... welcome to LQ ...

check your firewall rules .. (iptables -nvL) ... as per Capt_Caveman's advice to p_motch, try stopping the firewall temporarily (we don't know the distro you use so unable to provide you with an appropriate command. RedHat/Fedora/Mandrake use service iptables stop )

Would appreciate if your post could be made a new thread ...
Attention moderators ... can this be done?
 
Old 07-16-2004, 08:55 AM   #6
p_motch
LQ Newbie
 
Registered: Jul 2004
Distribution: Ubuntu
Posts: 6

Original Poster
Rep: Reputation: 0
Answering your questions:
I'm using Mandrake 10.0

I did disable the iptables service.

Anothering interesting note. I was having this problem as I thought because I couldn't see the webpage on either the windows box or linux box by typing in the domain or real IP. Turns out I go to another computer at a friends house and try it and it works! But how odd??? Neither of the computers on my network can see the page, but anyone else can out side the house. I can however see the page by using the 192.168.x.x address within my network, but not the router (ICS Windows box) IP.

In any case, that might be normal and I didn't know it, but if it can be fixed, I'm not going to worry about it to much. I'll just use the local IP (192.168.x.x).
 
Old 07-16-2004, 10:11 AM   #7
NetAX
Member
 
Registered: Mar 2004
Location: Boston, MA
Distribution: SuSE Linux Open/Enterprise, Red Hat, Ubuntu
Posts: 147

Rep: Reputation: 17
Yes I have that problem to. I am able to access the page by typing in the IP address. It can be seen by domain name externally. I have read about this and it seems to me like it is normal.

Maybe a virtual host could be setup for the internal network to aleviate this problem. I haven't tried it yet, but i am thinking about doing it.

Also try adding an internal IP address to the DNS zone that your website is on, maybe that will work.(Having more than one IP address in the DNS zone entry will allow a domain name to be resolved under any of the IP addresses found in that DNS zone)
 
Old 07-16-2004, 10:25 AM   #8
ppuru
Senior Member
 
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791

Rep: Reputation: 50
try adding the webaddress to your hosts file

e.g.

192.168.0.1 mywebsite.mydomain.com

and ensure (on linux) /etc/hosts.conf has

order hosts,bind
 
Old 07-17-2004, 10:59 AM   #9
p_motch
LQ Newbie
 
Registered: Jul 2004
Distribution: Ubuntu
Posts: 6

Original Poster
Rep: Reputation: 0
I can imagine the majority of this confusion lies within the fact that I am using a Windows box as the router (ICS). Not a very configurable or secure way of doing things. I just need to get the guts to forget about what value I place on the windows box and convert it to linux.
 
Old 07-17-2004, 01:18 PM   #10
zaphodiv
Member
 
Registered: Oct 2003
Distribution: Slackware
Posts: 388

Rep: Reputation: 30
I was having this problem as I thought because I couldn't see the webpage on either the windows box or linux box by typing in the domain or real IP. Turns out I go to another computer at a friends house and try it and it works! But how odd???

Windows ICS leaves a lot to be desired. For the external ip to work from behind ICS, the ICS machine would have to loop the connection back to you. Obviously it dosn't do that. I'v seen some hardware NAT routers that do and some that don't. It works with a linux NAT box.

> Also try adding an internal IP address to the DNS zone that your website is on
Bad idea. The will break it from other LAN's using 192.168
 
Old 07-18-2004, 09:54 AM   #11
p_motch
LQ Newbie
 
Registered: Jul 2004
Distribution: Ubuntu
Posts: 6

Original Poster
Rep: Reputation: 0
I'll take the conventional advise and make a linux nat box. I'd be a fool to keep wasting my time with the windows ICS.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Kernel 2.6.11.12 fixes Network Bridge Incorrectly Forwarded Packets unSpawn Linux - Security 0 11-23-2005 07:25 AM
port is not being forwarded in linux tharsan Linux - Networking 3 02-21-2005 12:48 PM
Sendmail port suddenly not accepting zuckerj Linux - General 3 09-26-2004 10:23 PM
nocatauth not accepting requests on port 80 majortool Linux - Wireless Networking 0 07-13-2004 01:08 AM
Red Hat 9 eth0 not accepting incoming packets. BinkyTheOracle Linux - Networking 21 01-25-2004 02:28 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 11:45 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration