[TriLUG] Apache innaccessible from outside of home router
Matt Frye
mattfrye at gmail.com
Mon Aug 23 10:53:48 EDT 2004
You might want to check whether the LAN of the PC outside your network
even allows non-80 ports to be accessed. I've seen at least two cases
where someone was trying to access a page on their home web server
from their work PC and found out later that their company's firewall
was dropping or disallowing all non-port-80 httpd requests.
Matt Frye
On Mon, 23 Aug 2004 10:08:30 -0400, Jeff Groves <jgroves at krenim.org> wrote:
> Victor Snesarev wrote:
>
> >I know this subject has been discussed to death on the net, but nothing
> >I was able to google up helped.
> >
> >Here's the network:
> >
> >---[CableModem]---[d-link 713p router]---[PC IP=196.168.0.122]
> >
> >
> >PC running FC2 Linux 2.6.5-1.358 and Apache 2.0.49.
> >
> >I can reach the sample Apache page from a different computer on the same
> >196.168.0.xxx subnet, but cannot reach it from the outside world using
> >the router's IP address.
> >
> >httpd.conf is set up to "Listen 8888" and port 8888 is forwarded to
> >196.168.0.122 by the router.
> >
> >In fact, I know that outside requests reach the PC because Ethereal
> >shows a short TCP session when I try to reach the PC from outside the
> >router. I compared it to the TCP session from the local home LAN and saw
> >something odd. The TCP handshake from the outside connection looks like
> >this:
> >
> >Router-to-PC SYN
> >PC-to-Router SYN,ACK
> >Router-to-PC RST (terminate)
> >
> >A handshake from a local LAN PC completes fine and Apache serves the page.
> >
> >This almost points to the router, but I am not sure where to go from here.
> >
> >Just for reference, I am not running iptables or ipchains (I don't think
> >it's even installed) on the Linux box. Apache access_log and error_log
> >do not show any events associated with a connection attempt from outside
> >the local LAN.
> >
> >Any ideas?
> >
> >-Victor
> >
> >
> The only thing that I can think of (and it's pretty unlikely at best) is
> that you may have some entry /etc/hosts.deny file that is preventing the
> connection.
>
> Jeff G.
>
>
>
> --
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
>
More information about the TriLUG
mailing list