Results 1 to 6 of 6

Thread: Accessing apache on port 80 remotley

  1. #1

    Default Accessing apache on port 80 remotley

    Hi,
    I have a problem thats now driving me up the wall. Basically I have a apache http server setup and running on a box which runs on port 80 and works fine for access on my internal network.

    As soon as I open this up to the internet all connections time out (as far as I can tell the port is "closed", though the port is open in all the configs and the firewall is off, which makes no sence really).

    All this time the server is still accessible thought any address on the local network.

    I know there is nothing wrong with the router as this box is a replacement for another one, if I change the ip back to the original server then everything works fine connections are accepted.

    Any ideas on what might be causing this, as its reaching pull your hair out time!

  2. #2
    Join Date
    Jun 2008
    Location
    UTC+10
    Posts
    9,683
    Blog Entries
    4

    Default Re: Accessing apache on port 80 remotley

    Maybe you need to portforward port 80 at your border router/firewall? BTW do not open a webserver to the outside world lightly.

  3. #3

    Default Re: Accessing apache on port 80 remotley

    Yes the port is open, as I say on the exiting server it works fine, as soon as you change the ip to the new box, no one can connect.

  4. #4
    ab@novell.com NNTP User

    Default Re: Accessing apache on port 80 remotley

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Just to be overly-clear, both the old and the new server have the same
    exact network settings, right? Please post the output of the following
    commands from BOTH machines to verify:

    `ip addr sh`
    `ip route sh`

    With that done what exactly does Firefox say (from outside your network)
    when accessing this server? Error 404? Error 500? Something else?
    Also if you can test the connection with netcat that would be
    interesting. Please include the entire command you are using as well as
    the output for both the new and old server (testing from outside and
    inside your network):

    `netcat -zv <ipAddressOfServer> 80`

    Finally it's possible, though less-likely, that your new server is
    blocking anything from your router specifically. You mentioned
    initially that you tested with the firewall totally off
    (`rcSuSEfirewall2 status`) and if that's the case you can probably rule
    it out. To see current firewall rules (which should only exist if the
    firewall is running) use the following command:

    `iptables-save`

    Good luck.







    Scott07uk wrote:
    | Yes the port is open, as I say on the exiting server it works fine, as
    | soon as you change the ip to the new box, no one can connect.
    |
    |
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.2 (GNU/Linux)
    Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

    iD8DBQFIcL5H3s42bA80+9kRAiluAJ0QYG9nKcCFMVBkuWXo28k/R/qtvgCfZeUl
    g27oyO9zb9WoJ4tMtq6AYzo=
    =icIl
    -----END PGP SIGNATURE-----

  5. #5

    Default Re: Accessing apache on port 80 remotley

    Hi,

    The error I get externally is connection timed out, internally all is fine.

    Just a little info about the network its running on, the box has two interfaces, both on the same physical network, (eth0 is 172.16.1.6, eth1 is 172.16.1.8) the hostname is venus and the routers ip is 172.16.0.1, my main machines ip is 172.16.2.1 and I can access it from my laptop too (dhcp address 172.16.4.254)

    The output off your two commands on venus are
    venus:~ # ip addr sh
    1: lo: <LOOPBACK,UP,10000> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
    valid_lft forever preferred_lft forever
    2: eth0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:08:02:e6:6f:bf brd ff:ff:ff:ff:ff:ff
    inet 172.16.1.6/16 brd 172.16.255.255 scope global eth0
    inet6 fe80::208:2ff:fee6:6fbf/64 scope link
    valid_lft forever preferred_lft forever
    3: eth1: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:08:02:e6:6f:be brd ff:ff:ff:ff:ff:ff
    inet 172.16.1.8/16 brd 172.16.255.255 scope global eth1
    inet6 fe80::208:2ff:fee6:6fbe/64 scope link
    valid_lft forever preferred_lft forever
    4: sit0: <NOARP> mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0
    venus:~ # ip route sh
    169.254.0.0/16 dev eth0 scope link
    172.16.0.0/16 dev eth0 proto kernel scope link src 172.16.1.6
    172.16.0.0/16 dev eth1 proto kernel scope link src 172.16.1.8
    127.0.0.0/8 dev lo scope link
    default via 172.16.0.1 dev eth1

    The old webserver (jupiter) does not support those commands so I cant show you the output (i mean old in terms of hardware and software)

    The output of the other command is
    venus:~ # rcSuSEfirewall2 status
    Checking the status of SuSEfirewall2 unused

    The netcat test gives this on my box
    netcat -zv Worlds of War II - The free online strategy game 80
    Warning: inverse host lookup failed for 172.16.1.6: Unknown host
    Worlds of War II - The free online strategy game [172.16.1.6] 80 (http) open

    At the moment I have been useing Traceroute, Ping, Domain Name Server (DNS) Lookup, WHOIS, and DNS Records Lookup to test the access to the outside world and that has been reporting that the connection times out, though when redirecting to the other server it returns a full set of expected http headers straight away.

  6. #6
    ab@novell.com NNTP User

    Default Re: Accessing apache on port 80 remotley

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    For the old server:

    /sbin/ifconfig
    /sbin/route

    I assume your network is setup as a class B network with netmask
    255.255.0.0, right? That should be the same for your old server. This
    is a little odd since most of the time home (and most) networks use
    class C-ish networks either in reality or at least in size. I guess
    we'll see from the commands above.

    Also, you have two NICs on the same network? Does unplugging the .8 NIC
    help at all? Where is your port forwarding pointed? Is it to .6, I hope?

    Good luck.





    Scott07uk wrote:
    | Hi,
    |
    | The error I get externally is connection timed out, internally all is
    | fine.
    |
    | Just a little info about the network its running on, the box has two
    | interfaces, both on the same physical network, (eth0 is 172.16.1.6,
    | eth1 is 172.16.1.8) the hostname is venus and the routers ip is
    | 172.16.0.1, my main machines ip is 172.16.2.1 and I can access it from
    | my laptop too (dhcp address 172.16.4.254)
    |
    | The output off your two commands on venus are
    | venus:~ # ip addr sh
    | 1: lo: <LOOPBACK,UP,10000> mtu 16436 qdisc noqueue
    | link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    | inet 127.0.0.1/8 scope host lo
    | inet6 ::1/128 scope host
    | valid_lft forever preferred_lft forever
    | 2: eth0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen
    | 1000
    | link/ether 00:08:02:e6:6f:bf brd ff:ff:ff:ff:ff:ff
    | inet 172.16.1.6/16 brd 172.16.255.255 scope global eth0
    | inet6 fe80::208:2ff:fee6:6fbf/64 scope link
    | valid_lft forever preferred_lft forever
    | 3: eth1: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen
    | 1000
    | link/ether 00:08:02:e6:6f:be brd ff:ff:ff:ff:ff:ff
    | inet 172.16.1.8/16 brd 172.16.255.255 scope global eth1
    | inet6 fe80::208:2ff:fee6:6fbe/64 scope link
    | valid_lft forever preferred_lft forever
    | 4: sit0: <NOARP> mtu 1480 qdisc noop
    | link/sit 0.0.0.0 brd 0.0.0.0
    | venus:~ # ip route sh
    | 169.254.0.0/16 dev eth0 scope link
    | 172.16.0.0/16 dev eth0 proto kernel scope link src 172.16.1.6
    | 172.16.0.0/16 dev eth1 proto kernel scope link src 172.16.1.8
    | 127.0.0.0/8 dev lo scope link
    | default via 172.16.0.1 dev eth1
    |
    | The old webserver (jupiter) does not support those commands so I cant
    | show you the output (i mean old in terms of hardware and software)
    |
    | The output of the other command is
    | venus:~ # rcSuSEfirewall2 status
    | Checking the status of SuSEfirewall2
    | unused
    |
    | The netcat test gives this on my box
    | netcat -zv 'Worlds of War II - The free online strategy game'
    | (http://www.worldsofwar.co.uk) 80
    | Warning: inverse host lookup failed for 172.16.1.6: Unknown host
    | 'Worlds of War II - The free online strategy game'
    | (http://www.worldsofwar.co.uk) [172.16.1.6] 80 (http) open
    |
    | At the moment I have been useing 'Traceroute, Ping, Domain Name Server
    | (DNS) Lookup, WHOIS, and DNS Records Lookup' (http://www.nwtools.com)
    | to test the access to the outside world and that has been reporting
    | that the connection times out, though when redirecting to the other
    | server it returns a full set of expected http headers straight away.
    |
    |
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.2 (GNU/Linux)
    Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

    iD4DBQFIcRKC3s42bA80+9kRApJnAJ9uIs7g6i5RSPbiLnr/wKwH5kIZxACXVPnj
    PmTjtEYaGdDH8uC1BxLRrg==
    =hEa3
    -----END PGP SIGNATURE-----

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •