LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   cant access web server behind NAT/firewall (https://www.linuxquestions.org/questions/linux-security-4/cant-access-web-server-behind-nat-firewall-252334/)

vermaamitabh 11-08-2004 03:54 AM

cant access web server behind NAT/firewall
 
Hi,
I have installed Debain 3.0 with IpMasq package to use it as my ADSL connection as internet gateway. I installed later firestarter as firewall.
now my problem is that i have one webserver running inside my interanet with global IP. Now i cant access this when i try to access from outside.
can any body help me.
i specified in "firestarter" dyanamic rules that open TCP services for this global IP machine on port 80.

Thanks in Advance

maxut 11-08-2004 06:44 AM

u have like this network, right?
web_server ---- linux (firewall) --- internet

if it is so,u need port forwarding, not opening port.
i dont know about firestar. u can check your script. the following iptables rules will forward tcp 80 port to internal web server:

iptables -t nat -I PREROUTING -i eth_ext -p tcp --dport 80 -d public_ip_of linux -j DNAT --to local_ip_of_web_server

it depends how your firewall is built. u must also allow tcp 80 in FORWARD chain:

iptables -I FORWARD -d local_ip_of_web_server -p tcp --dport 80 -j ACCEPT

spufi 11-08-2004 07:20 AM

Keep in mind that a lot of internet providers automagically BLOCK all incoming ports below 1024.
Since you say you try to connect to port 80 on your firewall, I suggest you add a rule in your iptables that port 8080 forwards to port 80 on your LAN-webserver.

TigerOC 11-10-2004 11:43 AM

Remember you also probably need to tell the modem/router to port forward port 80 to the relevant internal IP


All times are GMT -5. The time now is 01:59 AM.