# apache works... but not on the www....

## kraylus

i got apache working just fine. every PC on the network can view the homepage hosted on the gentoo box just by typing in the internal IP.

we have a hardware router (GV Internet Gateway) that handles the DSL connections and i've set it to forward port 80 to the gentoo box running the apache server.

any PC trying to hit that IP gets nothing. takes forever to load and eventually times out. the IP im using is the IP that my ISP assigned to the router.

i tested it out by logging into a remote computer at my father-in-law's webhost and lynx'ing to the IP. didn't work. had a few friends try it out from various states. didn't work.

as far as i know, apache is setup properly since the internal network can view it. but did i do something wrong with the router? maybe the router's just fucked in the head? am i sposed to forward any other ports to the gentoo box?

thanks for yer help

ryan

----------

## handsomepete

Do you have any sort of dmz setup for your router? It sounds like it's still firewalling it... did you check your log files to see if any external IPs hit it? If so, it's probably not able to send information back. You can always try plugging the PC directly into the DSL line and see what happens... I doubt you'll get r00ted in that short amount of time...

----------

## klieber

Does the router have any sort of logging capability?  You can probably find out pretty quick what's causing the problems by looking at the log.

Another good tool is nmap (emerge nmap).  It will run a port scan on your gateway and tell you every port that's open on the box.

Also, just on the off-chance...my ISP blocks inbound port 80 access at their routers. Not sure if you have an equally-fascist ISP, but might be worth looking into if everything else fails.

--kurt

----------

## kraylus

 *handsomepete wrote:*   

> Do you have any sort of dmz setup for your router?  It sounds like it's still firewalling it... did you check your log files to see if any external IPs hit it?  If so, it's probably not able to send information back.  You can always try plugging the PC directly into the DSL line and see what happens... I doubt you'll get r00ted in that short amount of time... 

 

there IS a dmz option, i recall seeing that and being able to set an IP for it or some such. im new to this router crap and i dunno much bout it. the last time i hosted a web server i used freebsd w/ my old p75 as a router.

anyways, here's the log: also, i enabled the DMZ thingy with my IP address in it... still didnt work.

```

WAN Type: Dynamic IP Address (R1.93p)
Display time: Fri Jun 28 02:46:11 2002
* DOD:triggered internally
Wed Jun 26 13:45:05 2002 DHCP:discover()
Wed Jun 26 13:45:09 2002 DHCP:discover()
Wed Jun 26 13:45:17 2002 DHCP:discover()
Wed Jun 26 13:45:33 2002 DHCP:discover()
Wed Jun 26 13:45:34 2002 DHCP:offer(66.183.64.254)
Wed Jun 26 13:45:34 2002 DHCP:request(66.183.90.172)
Wed Jun 26 13:45:36 2002 DHCP:ack(DOL=345600,T1=172800,T2=302400)
Wed Jun 26 14:13:42 2002 Unrecognized access from 203.106.136.45:1052 to TCP port 27696
Wed Jun 26 14:13:45 2002 Unrecognized access from 203.106.136.45:1052 to TCP port 27696
Wed Jun 26 14:13:51 2002 Unrecognized access from 203.106.136.45:1052 to TCP port 27696
Wed Jun 26 14:14:03 2002 Unrecognized access from 203.106.136.45:1052 to TCP port 27696
Wed Jun 26 14:37:52 2002 Unrecognized access from 24.112.180.121:3452 to TCP port 8080
Wed Jun 26 14:37:55 2002 Unrecognized access from 24.112.180.121:3452 to TCP port 8080
Wed Jun 26 14:38:01 2002 Unrecognized access from 24.112.180.121:3452 to TCP port 8080
Wed Jun 26 14:57:31 2002 Unrecognized access from 66.200.201.37:1291 to TCP port 139
Wed Jun 26 14:57:34 2002 Unrecognized access from 66.200.201.37:1291 to TCP port 139
Wed Jun 26 14:57:40 2002 Unrecognized access from 66.200.201.37:1291 to TCP port 139
Wed Jun 26 14:57:52 2002 Unrecognized access from 66.200.201.37:1291 to TCP port 139
Wed Jun 26 15:29:59 2002 Unrecognized access from 216.196.181.119:1028 to UDP port 137
Wed Jun 26 15:31:11 2002 Unrecognized access from 216.249.70.237:1072 to UDP port 137
Wed Jun 26 16:17:10 2002 Unrecognized access from 209.202.114.67:1124 to UDP port 137
Wed Jun 26 17:31:07 2002 Unrecognized access from 202.155.59.65:1061 to UDP port 137
Thu Jun 27 02:23:56 2002 Unrecognized access from 66.183.90.132:1026 to UDP port 137
Thu Jun 27 03:10:06 2002 Unrecognized access from 144.132.159.241:3995 to TCP port 1433
Thu Jun 27 03:10:09 2002 Unrecognized access from 144.132.159.241:3995 to TCP port 1433
Thu Jun 27 03:10:15 2002 Unrecognized access from 144.132.159.241:3995 to TCP port 1433
Thu Jun 27 07:35:32 2002 Unrecognized access from 66.183.90.229:137 to UDP port 137
Thu Jun 27 07:35:33 2002 Unrecognized access from 66.183.90.229:137 to UDP port 137
Thu Jun 27 07:35:35 2002 Unrecognized access from 66.183.90.229:137 to UDP port 137
Thu Jun 27 09:10:08 2002 Unrecognized access from 200.39.234.185:4476 to TCP port 27374
Thu Jun 27 09:10:08 2002 Unrecognized access from 200.39.234.185:4478 to TCP port 12345
Thu Jun 27 09:10:11 2002 Unrecognized access from 200.39.234.185:4476 to TCP port 27374
Thu Jun 27 09:10:11 2002 Unrecognized access from 200.39.234.185:4478 to TCP port 12345
Thu Jun 27 09:10:17 2002 Unrecognized access from 200.39.234.185:4476 to TCP port 27374
Thu Jun 27 09:10:17 2002 Unrecognized access from 200.39.234.185:4478 to TCP port 12345
Thu Jun 27 09:10:29 2002 Unrecognized access from 200.39.234.185:4476 to TCP port 27374
Thu Jun 27 09:10:30 2002 Unrecognized access from 200.39.234.185:4478 to TCP port 12345
Thu Jun 27 12:33:35 2002 Unrecognized access from 218.55.62.21:3999 to TCP port 1433
Thu Jun 27 12:33:38 2002 Unrecognized access from 218.55.62.21:3999 to TCP port 1433
Thu Jun 27 12:33:44 2002 Unrecognized access from 218.55.62.21:3999 to TCP port 1433
Thu Jun 27 13:12:35 2002 Unrecognized access from 66.7.86.98:32792 to TCP port 6346
Thu Jun 27 13:12:38 2002 Unrecognized access from 66.7.86.98:32792 to TCP port 6346
Thu Jun 27 13:42:54 2002 Unrecognized access from 66.134.115.150:137 to UDP port 137
Thu Jun 27 13:42:56 2002 Unrecognized access from 66.134.115.150:137 to UDP port 137
Thu Jun 27 13:42:57 2002 Unrecognized access from 66.134.115.150:137 to UDP port 137
Thu Jun 27 16:26:06 2002 Unrecognized access from 66.169.172.25:4244 to TCP port 1433
Thu Jun 27 16:26:09 2002 Unrecognized access from 66.169.172.25:4244 to TCP port 1433
Thu Jun 27 16:26:15 2002 Unrecognized access from 66.169.172.25:4244 to TCP port 1433
Thu Jun 27 17:10:08 2002 Unrecognized access from 66.183.90.132:1026 to UDP port 137
Thu Jun 27 17:43:13 2002 Unrecognized access from 64.41.146.214:80 to TCP port 64746
Thu Jun 27 19:05:05 2002 Unrecognized access from 209.120.143.33:80 to TCP port 65454
Thu Jun 27 19:47:52 2002 Unrecognized access from 61.214.156.32:3302 to TCP port 1433
Thu Jun 27 19:47:55 2002 Unrecognized access from 61.214.156.32:3302 to TCP port 1433
Thu Jun 27 19:48:01 2002 Unrecognized access from 61.214.156.32:3302 to TCP port 1433
Thu Jun 27 20:21:13 2002 Unrecognized access from 24.96.45.150:2013 to TCP port 1433
Thu Jun 27 20:21:16 2002 Unrecognized access from 24.96.45.150:2013 to TCP port 1433
Thu Jun 27 20:21:22 2002 Unrecognized access from 24.96.45.150:2013 to TCP port 1433
Thu Jun 27 22:15:23 2002 Unrecognized access from 66.250.32.228:4059 to TCP port 6346
Thu Jun 27 22:15:26 2002 Unrecognized access from 66.250.32.228:4059 to TCP port 6346
Fri Jun 28 02:43:15 2002 192.168.123.183 login successful
```

dunno what it all means. seems that unrecognized access is coming from ports other than 80. if it means anything, i'd ssh into another box on the outside and lynx from there to my apache server. would that make a difference?

here's the IP of the router:

66.183.90.172

i havent moved the apache server to the "outside" network as that'd be a pain in the ass and i dont think my father in law would appreciate that. this's his office and he's real picky bout what goes where.

sigh...

----------

## klieber

 *kraylus wrote:*   

> dunno what it all means. seems that unrecognized access is coming from ports other than 80. 

 

The fact that a) your router only appears to be logging failed attempts and b) there are no failed attempts destined for port 80 suggests strongly that the router is behaving as expected and allowing port 80 traffic through the router.

One way to check -- block port 80 in the router and then try to hit it from the outside.  If you then see logged attempts on port 80, then you know (most likely) that it was allowing it through before.

At that point, you need to start looking at your apache config as well as the server on which it runs.  Are you using tcp wrappers or anything similar on the box?  Anything in your server logs related to denied attempts?

--kurt

----------

## kraylus

ok, i turned off port 80 access on the router. checking the logs...

```

* Restarted by 192.168.123.183
* DOD:TCP trigger from 192.168.123.183:1796 to 66.250.107.251:80
Fri Jun 28 06:47:56 2002 DHCP:discover()
Fri Jun 28 06:47:56 2002 DHCP:offer(66.183.64.254)
Fri Jun 28 06:47:56 2002 DHCP:request(66.183.90.172)
Fri Jun 28 06:47:58 2002 DHCP:ack(DOL=345600,T1=172800,T2=302400)
Fri Jun 28 06:57:23 2002 Unallowed access from 192.168.123.102:2244 to 198.172.121.10:80 TCP
Fri Jun 28 06:57:26 2002 Unallowed access from 192.168.123.102:2244 to 198.172.121.10:80 TCP
Fri Jun 28 06:57:32 2002 Unallowed access from 192.168.123.102:2244 to 198.172.121.10:80 TCP
Fri Jun 28 06:57:43 2002 Unallowed access from 192.168.123.102:2244 to 198.172.121.10:80 TCP
Fri Jun 28 06:57:44 2002 Unallowed access from 192.168.123.161:1163 to 152.2.210.81:80 TCP
Fri Jun 28 06:57:47 2002 Unallowed access from 192.168.123.161:1163 to 152.2.210.81:80 TCP
Fri Jun 28 06:57:53 2002 Unallowed access from 192.168.123.161:1163 to 152.2.210.81:80 TCP
Fri Jun 28 06:57:54 2002 Unallowed access from 192.168.123.183:1797 to 66.250.107.251:80 TCP
Fri Jun 28 06:58:05 2002 Unallowed access from 192.168.123.161:1163 to 152.2.210.81:80 TCP
```

oook... some are port 80 some are ports 1163 (what the hell is that?)

now that we know it's not the router but my retardedness, i'll check my apache access logs... nothing out of the ordinary. just shows my other linux box (the one im typing from now) accessing the apache pages.

here's the error logs:

```

[Fri Jun 28 00:58:56 2002] [alert] apache: Could not determine the server's ful$
[Fri Jun 28 00:58:57 2002] [notice] Apache/1.3.26 (Unix) mod_ssl/2.8.10 OpenSSL$
[Fri Jun 28 00:58:57 2002] [notice] suEXEC mechanism enabled (wrapper: /usr/sbi$
[Fri Jun 28 00:58:57 2002] [notice] Accept mutex: sysvsem (Default: sysvsem)
[Fri Jun 28 01:14:09 2002] [notice] caught SIGTERM, shutting down
[Fri Jun 28 09:46:05 2002] [alert] apache: Could not determine the server's ful$
[Fri Jun 28 09:46:06 2002] [notice] Apache/1.3.26 (Unix) mod_ssl/2.8.10 OpenSSL$
[Fri Jun 28 09:46:06 2002] [notice] suEXEC mechanism enabled (wrapper: /usr/sbi$
[Fri Jun 28 09:46:06 2002] [notice] Accept mutex: sysvsem (Default: sysvsem)
```

dunno what that means.

but if the apache server works on the internal server (php and all - except mysql but thats cuz i cant figure out how to set it up) why wouldnt it work for the outside as well?

thanks for the help

ryan
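Added example, not part of any post in this thread: a Python sketch that tallies the router's dropped-packet entries by direction and destination port. It performs the check klieber describes (were any inbound attempts to port 80 logged?) and shows that in the "Unallowed access" entries the number after the LAN address, such as 1163, is the client's source port on an outbound connection. The sample lines are constructed in the log's format with documentation addresses, and the function names are hypothetical.

```python
import re
from collections import Counter
from ipaddress import ip_address, ip_network

# Entry shapes seen in the router log posted in this thread:
#   Unrecognized access from SRC:SPORT to TCP port DPORT
#   Unallowed access from SRC:SPORT to DST:DPORT TCP
UNRECOGNIZED = re.compile(r"Unrecognized access from (\S+):(\d+) to (TCP|UDP) port (\d+)")
UNALLOWED = re.compile(r"Unallowed access from (\S+):(\d+) to \S+:(\d+) (TCP|UDP)")
LAN_NETS = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample in the same format (documentation addresses, not real hosts).
SAMPLE = """\
Thu Jun 27 03:10:06 2002 Unrecognized access from 203.0.113.9:3995 to TCP port 1433
Thu Jun 27 03:10:09 2002 Unrecognized access from 203.0.113.9:3995 to TCP port 1433
Thu Jun 27 07:35:32 2002 Unrecognized access from 198.51.100.7:137 to UDP port 137
Fri Jun 28 06:57:23 2002 Unallowed access from 192.168.123.102:2244 to 198.51.100.10:80 TCP
Fri Jun 28 06:57:44 2002 Unallowed access from 192.168.123.161:1163 to 198.51.100.81:80 TCP
Fri Jun 28 02:43:15 2002 192.168.123.183 login successful
"""

def direction(src):
    """A packet whose source is an RFC 1918 address came from the LAN side."""
    addr = ip_address(src)
    return "outbound" if any(addr in net for net in LAN_NETS) else "inbound"

def summarize(log_text):
    """Count dropped packets per (direction, protocol, destination port)."""
    counts = Counter()
    for line in log_text.splitlines():
        m = UNRECOGNIZED.search(line)
        if m:
            src, _sport, proto, dport = m.groups()
        else:
            m = UNALLOWED.search(line)
            if not m:
                continue  # DHCP, login and other entries carry no packet info
            src, _sport, dport, proto = m.groups()
        counts[(direction(src), proto, int(dport))] += 1
    return counts

def inbound_drops(counts, port, proto="TCP"):
    """How many inbound packets to this port did the router log as dropped?"""
    return counts[("inbound", proto, port)]

if __name__ == "__main__":
    counts = summarize(SAMPLE)
    for (way, proto, port), n in sorted(counts.items()):
        print(f"{way:8} {proto} dst port {port:5}: {n}")
    print("inbound TCP/80 drops logged:", inbound_drops(counts, 80))
```

A zero for inbound TCP/80 only means the router did not log a drop; it does not show that the packets reached the router in the first place.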

----------

## snorkel

You need to forward port 80 from your router to your linux server.

I have a linksys router and it works great doing this.

I am sure your router can forward port 80.

You don't need the dmz setup at all, just forward port 80 and you will be all set.

Tony Caduto

----------

## kraylus

....

----------

## Nitro

Are the requests actually hitting the webserver and just not coming back out of the router?  From a remote location telnet to it ie: 

```
telnet <ipaddress> 80
```

  If that connects, then we know you are getting to the server.  To request a web-page type "get /", you should get html.

If not, then I think you might have your routes messed up.  What is the output of "route -n" ?
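Added example, not part of the post above: a Python version of the telnet test that also reports how the connection failed. A timeout means the SYN was silently dropped somewhere on the path (router filter, missing forward, ISP block), while a refusal means a reset came back from a reachable host with nothing listening. The function name is hypothetical, and the request sent is a minimal HTTP/1.0 `GET /`.

```python
import socket
import sys

def probe_http(host, port=80, timeout=5.0):
    """Return (state, detail); state is 'open', 'refused', 'timeout' or 'error'."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        # An RST came back: the path works, but nothing accepts on this port.
        return ("refused", "reset received, no listener on this port")
    except socket.timeout:
        # No answer at all: the SYN or its reply is being dropped on the way.
        return ("timeout", "no reply to SYN, packet filtered or not forwarded")
    except OSError as exc:
        # No route, name resolution failure and similar.
        return ("error", str(exc))

    with sock:
        sock.settimeout(timeout)
        sock.sendall(b"GET / HTTP/1.0\r\n\r\n")
        try:
            data = sock.recv(1024)
        except socket.timeout:
            return ("open", "connected, but no HTTP reply before timeout")

    # First line of the reply, e.g. "HTTP/1.1 200 OK"
    status_line = data.split(b"\r\n", 1)[0].decode("latin-1")
    return ("open", status_line)

if __name__ == "__main__":
    if len(sys.argv) < 2:
        print("usage: probe.py HOST [PORT]")
    else:
        target_port = int(sys.argv[2]) if len(sys.argv) > 2 else 80
        print(probe_http(sys.argv[1], target_port))
```

Run it from a host outside the LAN, as the post suggests for telnet; a probe from inside only repeats the test that already works.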

----------

## colonblow

 *klieber wrote:*   

> Also, just on the off-chance...my ISP blocks inbound port 80 access at their routers. Not sure if you have an equally-fascist ISP, but might be worth looking into if everything else fails.

 

i have found that many more ISPs are doing this nowadays... if you are absolutely positive that apache is up and running on port 80, and the port is forwarded in your router, this is probably the case.

i spent almost 2 days with a problem similar to this, finally i gave up and called my ISP (verizon DSL) and was told that they block port 80... they gave me an 800 number to call to "resolve the problem" which turned out to be their commercial web hosting sales dept.

----------

