Download your favorite Linux distribution at LQ ISO.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 11-08-2004, 03:54 AM   #1
LQ Newbie
Registered: Oct 2004
Posts: 23

Rep: Reputation: 15
cant access web server behind NAT/firewall

I have installed Debain 3.0 with IpMasq package to use it as my ADSL connection as internet gateway. I installed later firestarter as firewall.
now my problem is that i have one webserver running inside my interanet with global IP. Now i cant access this when i try to access from outside.
can any body help me.
i specified in "firestarter" dyanamic rules that open TCP services for this global IP machine on port 80.

Thanks in Advance
Old 11-08-2004, 06:44 AM   #2
Senior Member
Registered: May 2003
Location: istanbul
Distribution: debian - redhat - others
Posts: 1,188

Rep: Reputation: 50
u have like this network, right?
web_server ---- linux (firewall) --- internet

if it is so,u need port forwarding, not opening port.
i dont know about firestar. u can check your script. the following iptables rules will forward tcp 80 port to internal web server:

iptables -t nat -I PREROUTING -i eth_ext -p tcp --dport 80 -d public_ip_of linux -j DNAT --to local_ip_of_web_server

it depends how your firewall is built. u must also allow tcp 80 in FORWARD chain:

iptables -I FORWARD -d local_ip_of_web_server -p tcp --dport 80 -j ACCEPT
Old 11-08-2004, 07:20 AM   #3
LQ Newbie
Registered: Oct 2004
Location: Belgium
Distribution: Gentoo
Posts: 3

Rep: Reputation: 0
Keep in mind that a lot of internet providers automagically BLOCK all incoming ports below 1024.
Since you say you try to connect to port 80 on your firewall, I suggest you add a rule in your iptables that port 8080 forwards to port 80 on your LAN-webserver.
Old 11-10-2004, 11:43 AM   #4
Senior Member
Registered: Jan 2003
Location: Devon, UK
Distribution: Debian Etc/kernel 2.6.18-4K7
Posts: 2,380

Rep: Reputation: 49
Remember you also probably need to tell the modem/router to port forward port 80 to the relevant internal IP


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Setting up firewall / nat server da644 Linux - Networking 1 08-02-2005 08:22 PM
Apache 2 web server behind NAT router rober Fedora 4 12-15-2004 07:07 AM
setting up a linux server + firewall + nat ddaas Linux - Security 7 10-14-2004 06:42 PM
gateway(NAT),firewall,server,DMZ andjules Linux - Networking 1 11-22-2002 05:55 PM
gateway(NAT),firewall,server,DMZ andjules Linux - Newbie 2 11-22-2002 08:11 AM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 06:50 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration