IP masquerading but no Web Server

To all,
I set up Masquerading successfully with 2 machines and a crossover cable
and PPP to DSL.

I can browse the web from both machines but I can't browse the Apache
Web server which is on the internet facing machine. I'm using the
rc.firewall-2.4-stronger


I uncommented this line in rc.firewall-2.4-stronger;


$IPTABLES -A INPUT -i $EXTIF -m state --state NEW,ESTABLISHED,RELATED
\ |
-p tcp -s $UNIVERSE -d $EXTIP --dport 80 -j ACCEPT


What am I missing?


Thanks,
Peter

On 28 Oct 2003 07:38:08 -0800, Peter <(E-Mail Removed)> wrote:
> To all,
> I set up Masquerading successfully with 2 machines and a crossover cable
> and PPP to DSL.
>
> I can browse the web from both machines but I can't browse the Apache
> Web server which is on the internet facing machine. I'm using the
> rc.firewall-2.4-stronger

No clue what distro that is. Are you attempting to access apache via its
ppp0 IP from behind masq? That would typically be blocked by
anti-spoofing.

To access it _from_ the internet you would need to allow incoming port 80
to ppp0 (and check httpd.conf and related for Deny/Allow directives). To
access it from LAN side, you would need to access its LAN IP. You could
point a public name to its private IP locally using /etc/hosts.

--
David Efflandt - All spam ignored http://www.de-srv.com/
http://www.autox.chicago.il.us/ http://www.berniesfloral.net/
http://cgi-help.virtualave.net/ http://hammer.prohosting.com/~cgi-wiz/

(E-Mail Removed) (Peter) wrote in message news:<(E-Mail Removed) om>...
> To all,
> I set up Masquerading successfully with 2 machines and a crossover cable
> and PPP to DSL.
>
Red Hat 9.

It turns out Verizon blocks port 80 for dynamic addresses(34.00 per
month), you need to get a static ip for port 80 access(89.00 per
month). Damn!

-Peter


> I can browse the web from both machines but I can't browse the Apache
> Web server which is on the internet facing machine. I'm using the
> rc.firewall-2.4-stronger
>
>
> I uncommented this line in rc.firewall-2.4-stronger;
>
>
> $IPTABLES -A INPUT -i $EXTIF -m state --state NEW,ESTABLISHED,RELATED
> \ |
> -p tcp -s $UNIVERSE -d $EXTIP --dport 80 -j ACCEPT
>
>
> What am I missing?
>
>
> Thanks,
> Peter

Peter <(E-Mail Removed)> wrote:
> To all,
> I set up Masquerading successfully with 2 machines and a crossover cable
> and PPP to DSL.

> I can browse the web from both machines but I can't browse the Apache
> Web server which is on the internet facing machine. I'm using the
> rc.firewall-2.4-stronger


> I uncommented this line in rc.firewall-2.4-stronger;


> $IPTABLES -A INPUT -i $EXTIF -m state --state NEW,ESTABLISHED,RELATED
> \ |
> -p tcp -s $UNIVERSE -d $EXTIP --dport 80 -j ACCEPT


> What am I missing?

Why don't you access it via the eth0 internal address
instead of ppp0. Have someone on the outside check
it via the ppp interface after you know it responds.
This way you can isolate whether a server or route
issue. (also not enough info here)

-Walt


-----= Posted via Newsfeeds.Com, Uncensored Usenet News =-----
http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
-----== Over 100,000 Newsgroups - 19 Different Servers! =-----