LinuxQuestions.org


samohn 08-27-2008 09:58 PM

Is there any Linux firewall setting which may prevent apache from accepting connection
 
Hi, I have set up apache server on Fedora core 9 box. The connection to the server from the inside of the box is fine, but the apache can not receive connection from the outside of the box. I have worked very hard to find what causes the problem, but I could not. I eventually suspect that there may be some security setting such as firewall on the Fedora core 9 box, which blocks network connections to a web server (apache). I searched on google and found that system-config-securitylevel may be the tool to configure the firewall, but I could not find out how to do it. Or, maybe, there may be different reasons for the web server connection problem. I want to know what causes the problem and how to fix it. I will appreciate any suggestions and opinions.

Thank you in advance

P.S.

The below is the explanation of how I have tested the web server.

Currently I am testing the web server within a LAN. I tried to access the web server from one of the PCs on the LAN, which runs Windows XP Pro.
The server can be found by ping from the PC, and also the PC can be found by ping from the server. There is apache running on the PC as well, and I can access the apache on the pc from the server.

I monitored packets to the server with the tcpdump command. When I accessed the apache on the server from the PC, I could see the packets reach the server box, but the apache did not respond.

I also ran telnet from the PC to access the web server on the server box, but the connection to the web server failed although the packets could reach the web server box.

mjmwired 08-27-2008 10:09 PM

Login as root, and run:
# /etc/init.d/iptables stop

Then test your webserver again.

cmx08 08-28-2008 12:55 AM

service iptables status - see the firewall status
service iptables stop - stop firewall

samohn 08-28-2008 01:44 AM

Hi thank you very much for your help. I did it and I could access the web server from the PC. :)
Now I know the firewall caused the problem, but how should I set up the firewall? I am going to search for how to do it, but if you can help me, please let me know it.


Sam

win32sux 08-28-2008 02:39 AM

Quote:

Originally Posted by samohn (Post 3262294)
Hi thank you very much for your help. I did it and I could access the web server from the PC. :)
Now I know the firewall caused the problem, but how should I set up the firewall? I am going to search for how to do it, but if you can help me, please let me know it.

There's tons of iptables tutorials all over the Web. You basically just need to execute some iptables commands and then when you are happy with the configuration you do a "service iptables save" to make it stick. You might want to look into an iptables front-end while you are still learning iptables, though. Something like Shorewall perhaps.

samohn 08-28-2008 11:01 PM

I could find very good resources to learn iptables and tried the following iptables commands, but I still have a problem accessing the web server from a PC on the LAN if iptables is valid. Why did the commands below not help to allow www access to the firewall?


----------------------------------------
Below is what I did to set up iptables:

To set up iptables to Allow WWW and SSH access to the firewall I executed the following command (note: I do not use SSH at this point yet):
#---------------------------------------------------------------
# Allow previously established connections
# - Interface eth0 is the internet interface
#---------------------------------------------------------------

iptables -A OUTPUT -o eth0 -m state --state ESTABLISHED,RELATED \
-j ACCEPT

#---------------------------------------------------------------
# Allow port 80 (www) and 22 (SSH) connections to the firewall
#---------------------------------------------------------------

iptables -A INPUT -p tcp -i eth0 --dport 22 --sport 1024:65535 \
-m state --state NEW -j ACCEPT
iptables -A INPUT -p tcp -i eth0 --dport 80 --sport 1024:65535 \
-m state --state NEW -j ACCEPT

I ran the following command to save the changes to the iptables:

#service iptables save

samohn 08-28-2008 11:22 PM

Thank you to everybody who is helping me.

So far I tried to learn iptables and tried some iptables commands. Now I feel I am moving in the right direction, but have not succeeded yet. The commands I ran did not help to set up the iptables correctly to allow www traffic from the outside of the server. I thought these iptables commands make sense and do not understand why they did not work as I expected...

Besides, I want to try shorewall.

Sam
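
Added example, not part of the thread: iptables evaluates a chain top to bottom and stops at the first matching rule, so a rule appended with `-A` after a catch-all never sees a packet. The script below reads iptables-save style lines and lists the ACCEPT rules that are shadowed this way. The sample ruleset is constructed; that the stock Fedora rules hand INPUT to a chain ending in an unconditional REJECT (named `RH-Firewall-1-INPUT` here) is an assumption, since the thread never shows the rule listing.

```shell
#!/bin/sh
# Added example (not from the thread): list ACCEPT rules in a chain that can
# never match because an earlier unconditional rule already decides every packet.
# Input: iptables-save style "-A CHAIN ..." lines on stdin.
shadowed_accepts() {
    awk -v top="${1:-INPUT}" '
    # True when no packet ever comes back from target t.
    function final(t) {
        return t == "ACCEPT" || t == "DROP" || t == "REJECT" ||
               ((t in n) && never_returns(t))
    }
    # The first unconditional rule of chain c decides whether packets return.
    function never_returns(c,   k) {
        for (k = 1; k <= n[c]; k++) {
            if (!unc[c, k]) continue
            if (tgt[c, k] == "RETURN") return 0
            if (final(tgt[c, k])) return 1
        }
        return 0
    }
    $1 == "-A" {
        k = ++n[$2]
        rule[$2, k] = $0
        unc[$2, k] = ($3 == "-j")        # no match options before the target
        for (i = 3; i < NF; i++) if ($i == "-j") tgt[$2, k] = $(i + 1)
    }
    END {
        for (k = 1; k <= n[top]; k++) {
            if (dead && tgt[top, k] == "ACCEPT") print rule[top, k]
            if (unc[top, k] && final(tgt[top, k])) dead = 1
        }
    }'
}

# Constructed sample: an assumed stock ruleset followed by the two rules
# appended to INPUT in the post above. Not captured from a real machine.
sample_rules() {
cat <<'EOF'
-A INPUT -j RH-Firewall-1-INPUT
-A INPUT -i eth0 -p tcp -m tcp --sport 1024:65535 --dport 22 -m state --state NEW -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 1024:65535 --dport 80 -m state --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
EOF
}

sample_rules | shadowed_accepts INPUT
```

On a live system the same function can be fed from `iptables-save`. A rule it reports can be placed ahead of the catch-all with `iptables -I`, which inserts at the head of the chain instead of appending.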

