not opening sites

06-06-2004, 12:50 PM

Hello i have a problem with opening sites from local server
I have slack 9.1, 2.6.3 and 2 x 1mbps DSL`s
Through 1st dsl i have everything apart from www,gg,poczta,dns

I cant open sites which i have on the server from local network.
From server and from the world no problem with that.

Useing tcpdump during openning site from local network i have:
20:47:18.114695 83.16.x.y.http > 192.168.2.2.3171: S
2009189318:2009189318(0) ack 3401159266 win 5840 <mss 1460,nop,nop,sac
20:47:18.514636 83.16.x.y.http > 192.168.2.2.3170: S
2014889385:2014889385(0) ack 3401118844 win 5840 <mss 1460,nop,nop,sac
20:47:30.912742 83.16.x.y.http > 192.168.2.2.3174: S
2031051422:2031051422(0) ack 3404688940 win 5840 <mss 1460,nop,nop,sac
20:47:31.512626 83.16.x.y.http > 192.168.2.2.3175: S
2026773760:2026773760(0) ack 3404746764 win 5840 <mss 1460,nop,nop,sac
20:47:32.712471 83.16.x.y.http > 192.168.2.2.3182: S
2024209107:2024209107(0) ack 3405432829 win 5840 <mss 1460,nop,nop,sac
20:47:32.912441 83.16.x.y.http > 192.168.2.2.3178: S
2026327105:2026327105(0) ack 3405224421 win 5840 <mss 1460,nop,nop,sac
20:47:32.912460 83.16.x.y.http > 192.168.2.2.3179: S
2024810050:2024810050(0) ack 3405311236 win 5840 <mss 1460,nop,nop,sac
20:47:32.912485 83.16.x.y.http > 192.168.2.2.3180: S
2025483000:2025483000(0) ack 3405348228 win 5840 <mss 1460,nop,nop,sac
20:47:33.112416 83.16.x.y.http > 192.168.2.2.3183: S
2023164388:2023164388(0) ack 3405469714 win 5840 <mss 1460,nop,nop,sac
20:47:33.312378 83.16.x.y.http > 192.168.2.2.3184: S
2035479752:2035479752(0) ack 3405503104 win 5840 <mss 1460,nop,nop,sac
20:47:33.312397 83.16.x.y.http > 192.168.2.2.3177: S
2028640536:2028640536(0) ack 3405183187 win 5840 <mss 1460,nop,nop,sac
20:47:33.712318 83.16.x.y.http > 192.168.2.2.3181: S
2027450025:2027450025(0) ack 3405381189 win 5840 <mss 1460,nop,nop,sac
20:47:36.511861 arp who-has 83.16.x.z(=adres gateway`a) tell 83.16.x.y
20:47:36.512028 arp reply 83.16.x.z is-at 0:b:23:81:37:1c
192.168.2.2 to komputer z ktorego otwieralem stronke na serwerze.

There is one more strange: when i use ext_ip addr of the server to open site
from it, doesnt open at all, but when i use local address its opening
without graphics.

Could somebody help me???

Regards
Jack

06-06-2004, 04:05 PM

On Sun, 06 Jun 2004 14:50:25 +0200, Jacek wrote:

> Hello i have a problem with opening sites from local server I have slack
> 9.1, 2.6.3 and 2 x 1mbps DSL`s Through 1st dsl i have everything apart
> from www,gg,poczta,dns
>
> I cant open sites which i have on the server from local network. From
> server and from the world no problem with that.
>
> Useing tcpdump during openning site from local network i have:
> 20:47:18.114695 83.16.x.y.http > 192.168.2.2.3171: S

(snip)

> There is one more strange: when i use ext_ip addr of the server to open
> site from it, doesnt open at all, but when i use local address its opening
> without graphics.

It looks as though you are behind a NAT router which is forwarding traffic
for your external address to your web server. Traffic from the local
network comes in on the internal interface of the router and doesn't get
forwarded.

Further, it looks as though the hyperlinks to your graphics are absolute
not relative, so even when you use the local address they still point to
the external one.

If you have a local DNS server, set it up so that your server's name
points to the local address for the machines on your network (use views
if it is also a DNS server for your domain on the Internet). If you
havn't, use hosts files.

If this isn't the case you need to provide more detail of your setup.

Regards, Ian

06-06-2004, 04:13 PM

>
> > Hello i have a problem with opening sites from local server I have slack
> > 9.1, 2.6.3 and 2 x 1mbps DSL`s Through 1st dsl i have everything apart
> > from www,gg,poczta,dns
> >
> > I cant open sites which i have on the server from local network. From
> > server and from the world no problem with that.
> >
> > Useing tcpdump during openning site from local network i have:
> > 20:47:18.114695 83.16.x.y.http > 192.168.2.2.3171: S
>
> (snip)
>
> > There is one more strange: when i use ext_ip addr of the server to open
> > site from it, doesnt open at all, but when i use local address its
opening
> > without graphics.
>
> It looks as though you are behind a NAT router which is forwarding traffic
> for your external address to your web server. Traffic from the local
> network comes in on the internal interface of the router and doesn't get
> forwarded.
>
> Further, it looks as though the hyperlinks to your graphics are absolute
> not relative, so even when you use the local address they still point to
> the external one.
>
> If you have a local DNS server, set it up so that your server's name
> points to the local address for the machines on your network (use views
> if it is also a DNS server for your domain on the Internet). If you
> havn't, use hosts files.
>
> If this isn't the case you need to provide more detail of your setup.

Perhaps in my config are some mistakes?
************************************************** **************************
*********
my routing config:
************************************************** **************************
*********
#!/bin/sh
P0_NET=192.168.2.0
IF0=eth1
IF1=eth0
IF2=eth2
IP1=80.55.w.k
IP2=83.16.x.y
P1=80.55.w.k #gw
P2=83.16.x.y #gw
P1_NET=80.55.w.k # network addrr
P2_NET=83.16.x.y #network addrr

ip route add $P1_NET dev $IF1 src $IP1 table T1
ip route add default via $P1 table T1
ip route add $P2_NET dev $IF2 src $IP2 table T2
ip route add default via $P2 table T2

ip route add $P1_NET dev $IF1 src $IP1
ip route add $P2_NET dev $IF2 src $IP2
ip route add default via $P2
ip rule add from $IP1 table T1
ip rule add from $IP2 table T2

ip route add $P0_NET dev $IF0 table T1
ip route add $P2_NET dev $IF2 table T1
ip route add 127.0.0.0/8 dev lo table T1
ip route add $P0_NET dev $IF0 table T2
ip route add $P1_NET dev $IF1 table T2
ip route add 127.0.0.0/8 dev lo table T2
************************************************** **************************
*********
My masquarade:
************************************************** **************************
*********
#!/bin/sh
/usr/sbin/iptables -t nat -F
/usr/sbin/iptables -t nat -X
/usr/sbin/iptables -t filter -F
/usr/sbin/iptables -t filter -X

/usr/sbin/iptables -P FORWARD DROP
/usr/sbin/iptables -t nat -I POSTROUTING -s 192.168.2.0/255.255.255.0 -d
192.168.2.0/255.255.255.0 -j ACCEPT
/usr/sbin/iptables -t nat -I PREROUTING -s 192.168.2.0/255.255.255.0 -d
192.168.2.0/255.255.255.0 -j ACCEPT
/usr/sbin/iptables -t filter -I FORWARD -s 192.168.2.0/255.255.255.0 -d
192.168.2.0/255.255.255.0 -j ACCEPT

/usr/sbin/iptables -t filter -A FORWARD -s 192.168.2.2 -m mac --mac-source
00:0B:CD:17:04:36 -j ACCEPT
/usr/sbin/iptables -t filter -A FORWARD -d 192.168.2.2 -j ACCEPT
/usr/sbin/iptables -t nat -A POSTROUTING -s 192.168.2.2 -o eth0 -j SNAT --to
80.55.w.z
/usr/sbin/iptables -t nat -A POSTROUTING -s 192.168.2.2 -o eth2 -j SNAT --to
83.16.x.y
/usr/sbin/iptables -t filter -A FORWARD -s 192.168.2.3 -m mac --mac-source
00:01:03:83:0F:C4 -j ACCEPT
/usr/sbin/iptables -t filter -A FORWARD -d 192.168.2.3 -j ACCEPT
/usr/sbin/iptables -t nat -A POSTROUTING -s 192.168.2.3 -o eth0 -j SNAT --to
80.55.w.z
/usr/sbin/iptables -t nat -A POSTROUTING -s 192.168.2.3 -o eth2 -j SNAT --to
83.16.x.y
#/usr/sbin/iptables -A INPUT -i eth1 -p udp --sport bootpc --dport bootps -j
ACCEPT
#/usr/sbin/iptables -A INPUT -i eth1 -p tcp --sport bootpc --dport bootps -j
ACCEPT
#/usr/sbin/iptables -A INPUT -i eth1 -p udp --sport bootps --dport bootpc -j
ACCEPT
#/usr/sbin/iptables -A INPUT -i eth1 -p tcp --sport bootps --dport bootpc -j
ACCEPT

# Allow dns requests
/usr/sbin/iptables -A INPUT -i eth1 -p udp --dport 53 -m state --state
NEW -j ACCEPT
/usr/sbin/iptables -A INPUT -i eth1 -p udp --dport 135 -m state --state
NEW -j ACCEPT

#all marked ports going through eth2 :
/usr/sbin/iptables -A PREROUTING -t mangle -p tcp --dport 8074 -j
MARK --set-mark 2
/usr/sbin/iptables -A PREROUTING -t mangle -p tcp --dport 443 -j
MARK --set-mark 2
/usr/sbin/iptables -A PREROUTING -t mangle -p tcp --dport 1550 -j
MARK --set-mark 2
/usr/sbin/iptables -A PREROUTING -t mangle -p tcp --dport 80 -j
MARK --set-mark 2
/usr/sbin/iptables -A PREROUTING -t mangle -p tcp --dport 81 -j
MARK --set-mark 2
/usr/sbin/iptables -A PREROUTING -t mangle -p tcp --dport 22 -j
MARK --set-mark 2
/usr/sbin/iptables -A PREROUTING -t mangle -p tcp --dport 23 -j
MARK --set-mark 2
/usr/sbin/iptables -A PREROUTING -t mangle -p udp --dport 53 -j
MARK --set-mark 2
/usr/sbin/iptables -A PREROUTING -t mangle -p udp --dport 135 -j
MARK --set-mark 2
/usr/sbin/iptables -A PREROUTING -t mangle -p udp --dport 42 -j
MARK --set-mark 2
/usr/sbin/iptables -A PREROUTING -t mangle -p udp --dport 43 -j
MARK --set-mark 2
/usr/sbin/iptables -t nat -A POSTROUTING -m mark --mark 1 -j SNAT --to
80.55.w.z #gw
/usr/sbin/iptables -t nat -A POSTROUTING -m mark --mark 2 -j SNAT --to
83.16..x.y #gw

ip rule add fwmark 1 table T1
ip rule add fwmark 2 table T2
ip route flush cache

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
BSNL Broadband not opening a few sites	S N	Broadband Hardware	0	09-23-2009 05:59 PM
job opening	Frenchy	Wireless Internet	0	12-05-2006 06:37 PM
Particular website is not opening	Avinash	Wireless Networks	3	02-17-2006 02:18 PM
Explorer not opening http sites while https sites work	Hendrik G. Seliger	Windows Networking	0	09-13-2005 09:12 PM
WiFi Hotspot Directory now includes over 12,000 sites including Intl sites!	Riverwalk Mobile	Windows Networking	0	09-16-2004 02:49 PM