-   Linux - Security (
-   -   cant access web server behind NAT/firewall (

vermaamitabh 11-08-2004 03:54 AM

cant access web server behind NAT/firewall
I have installed Debain 3.0 with IpMasq package to use it as my ADSL connection as internet gateway. I installed later firestarter as firewall.
now my problem is that i have one webserver running inside my interanet with global IP. Now i cant access this when i try to access from outside.
can any body help me.
i specified in "firestarter" dyanamic rules that open TCP services for this global IP machine on port 80.

Thanks in Advance

maxut 11-08-2004 06:44 AM

u have like this network, right?
web_server ---- linux (firewall) --- internet

if it is so,u need port forwarding, not opening port.
i dont know about firestar. u can check your script. the following iptables rules will forward tcp 80 port to internal web server:

iptables -t nat -I PREROUTING -i eth_ext -p tcp --dport 80 -d public_ip_of linux -j DNAT --to local_ip_of_web_server

it depends how your firewall is built. u must also allow tcp 80 in FORWARD chain:

iptables -I FORWARD -d local_ip_of_web_server -p tcp --dport 80 -j ACCEPT

spufi 11-08-2004 07:20 AM

Keep in mind that a lot of internet providers automagically BLOCK all incoming ports below 1024.
Since you say you try to connect to port 80 on your firewall, I suggest you add a rule in your iptables that port 8080 forwards to port 80 on your LAN-webserver.

TigerOC 11-10-2004 11:43 AM

Remember you also probably need to tell the modem/router to port forward port 80 to the relevant internal IP

All times are GMT -5. The time now is 01:59 AM.