Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
07-23-2013, 12:40 PM
|
#1
|
LQ Newbie
Registered: Sep 2007
Location: Kolkata, INDIA
Distribution: RHL7.3/8.0, RHEL V3
Posts: 5
Rep:
|
Problem in finding the http server through LAN
Dear friends, I'm using Scientific Linux 5.2 (2.6.18-348.4.1.el5) and successfully installed Apache2.0 and PHP, started httpd. Therefore, I'm able to see the default Apache page through the browser ( http://127.0.0.1/ Or http://192.168.1.2/) when looked from the localhost. I tested the setup by putting my html home page at /var/www/html/ successfully from localhost. I've a small LAN at my home which connects two windows laptops and the linux desktop with the DSL router modem (192.168.1.1). Whenever I try to look for http://192.168.1.2/ from the windows laptops it fails to connect. The router always searches for the requested ip in the outer world through the DNS. So,I edited the httpd.conf for the Listen, Allow and Deny parameters, restarted httpd but no result. Can anyone guide me what to do in this situation? I don't have a private domain setup.
Regards.
Somen.
|
|
|
07-23-2013, 01:18 PM
|
#2
|
Senior Member
Registered: Jul 2004
Location: Skuttunge SWEDEN
Distribution: Debian preferably
Posts: 1,350
Rep:
|
Quote:
Originally Posted by somen.chanda
The router always searches for the requested ip in the outer world through the DNS.
|
This is wrong. No router should search "outer world" for a private ip.
If I understand you correctly, your DSL-modem has 2 connected interfaces, one for internet the other with ip 192.168.1.1.
And your computers are all in 192.168.1.0/24.
How do you know your modem searches outer world? If it does, with this setup it shouldn't and might be faulty - unless you manually entered a static route in the DSL-modem?
If thta was just a guess, I suggest you check the firewall on your Scientific Linux.
|
|
|
07-23-2013, 01:25 PM
|
#3
|
Senior Member
Registered: Aug 2006
Location: Detroit, MI
Distribution: GNU/Linux systemd
Posts: 4,278
|
service iptables stop
|
|
1 members found this post helpful.
|
07-24-2013, 10:06 AM
|
#4
|
LQ Newbie
Registered: Sep 2007
Location: Kolkata, INDIA
Distribution: RHL7.3/8.0, RHEL V3
Posts: 5
Original Poster
Rep:
|
Many thanx to pingu and szboardstretcher. "/sbin/service iptables stop" did the following -
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter [ OK ]
Unloading iptables modules: [ OK ]
and now I'm able to browse my html homepage or any other html/php pages from windows machine. So it was the firewall who was stopping the incoming request. Can you please explain what is happening here? Since firewall rules are flushed, doesn't the system become vulnerable to security?
Thanx again. Regards.
Somen.
|
|
|
07-24-2013, 10:14 AM
|
#5
|
Senior Member
Registered: Aug 2006
Location: Detroit, MI
Distribution: GNU/Linux systemd
Posts: 4,278
|
Its vulnerable now, because there is no firewall. But it proves that your firewall is the problem. For a default installation of Centos/SL6 that you want to run a webserver on, you can do this locally, DO NOT do this if you are ssh'd in, only do it LOCALLY:
Enable IPtables
Code:
service iptables start
chkconfig iptables on
Clear current IPtables policies
Code:
iptables -F
iptables -X
Put in some default rules to allow ssh and web traffic and localhost
Code:
iptables -P INPUT ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
Check that iptables rules worked
Save iptables if so
Code:
service iptables save
I didnt write this out of memory,. i copy and pasted a lot from http://wiki.centos.org/HowTos/Network/IPTables which I suggest you take a look at to understand what is going on here.
Happy travels.
Last edited by szboardstretcher; 07-24-2013 at 10:16 AM.
|
|
1 members found this post helpful.
|
07-24-2013, 10:17 AM
|
#6
|
Senior Member
Registered: Jul 2004
Location: Skuttunge SWEDEN
Distribution: Debian preferably
Posts: 1,350
Rep:
|
Running no firewall means that the system becomes more vulnerable to security, that's correct.
Depending on what other firewall you have you might not need one.
The safest is to only open for http & https.
Taken from memory: "iptables -A INPUT -p tcp --dport 80 -j ACCEPT"
will open for http.
|
|
1 members found this post helpful.
|
07-26-2013, 03:24 AM
|
#7
|
LQ Newbie
Registered: Sep 2007
Location: Kolkata, INDIA
Distribution: RHL7.3/8.0, RHEL V3
Posts: 5
Original Poster
Rep:
|
Thanx a lot to all.
Many thanks friends, the suggestions worked fine. Now I want to setup a KOHA client-server system. The server will be my SL5 machine and the windows are clients. Since KOHA client interface is an web browser application, shouldn't I expect that it would run successfully with the current setup? Regards.
Somen.
|
|
|
All times are GMT -5. The time now is 02:27 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|