I downloaded iptables-1.2.8-13.src.rpm from fedora, then > rpmbuild --rebuild iptables-1.2.8-13.src.rpm > vi /etc/sysctl.conf net/ipv4/ip_forward =1 (was 0 origianlly) > sysctl -p > service iptables start But when I entered http://(hostname)/example.html from another computer, it just kept processing. The access_log did not show any log info. So it was blocked by the firewall on the Linux server. The link you mentioned has a section for "Allowing WWW and SSH access to your firewall", but I am not sure how to do that. If I just want to let host1 access the apache web server on host2, what should I do on the firewall? Thanks, Joe --- Boyle Owen <Owen.Boyle@xxxxxxx> wrote: > > -----Original Message----- > > From: Joseph Lee [mailto:joe_sun_lee@xxxxxxxxx] > > Sent: Mittwoch, 29. Juni 2005 22:26 > > To: users@xxxxxxxxxxxxxxxx > > Subject: RE: [users@httpd] Networking problem? > > > > > > > > Do I need a SSL server certificate for the Linux > > machine, in order to run Apache web server? > > You don't need a SSL cert unless you want to run an > SSL virtual Host (ie, HTTPS). Don't even dream about > doing this until you have fully mastered plain old > HTTP first... > > > Is there any way to know there is a firewall > blocking > > between Linux runing Apache web server, and a > Windows > > PC? > > Just to be clear where the FW is; It's running on > the webserver machine and is sitting in front of > apache. All requests to apache (or anything else, > like mail, telnet etc.) have to go through it first. > It's like the doorman at a nightclub. > > From the outside (ie, the browser PC) there is no > way to identify a FW. This is a security feature - > FW's act silently and don't give reasons for their > refusals. The only way you can guess you have a FW > is if requests go into a black hole and don't give > any response. If you only have two machines > connected via a LAN then it's pretty obvious it must > be a FW (especially if ping works), but imagine if > you were attacking a machine over the internet - you > wouldn't know if the lack of response was due to a > FW at the target or just a network problem en route. > > To identify the FW, you need to check the linux > machine - I think it's called ipchains or iptables > (see > http://www.siliconvalleyccie.com/linux-hn/iptables-intro.htm) > but maybe Linux gurus could help you more... > > Rgds, > Owen Boyle > Disclaimer: Any disclaimer attached to this message > may be ignored. > > > > Thanks, > > Joe > > > > --- Joseph Lee <joe_sun_lee@xxxxxxxxx> wrote: > > > > > > > > > > > --- Boyle Owen <Owen.Boyle@xxxxxxx> wrote: > > > > > > > > -----Original Message----- > > > > > From: Joseph Lee > [mailto:joe_sun_lee@xxxxxxxxx] > > > > > Sent: Mittwoch, 29. Juni 2005 17:12 > > > > > To: users@xxxxxxxxxxxxxxxx; > > > info@xxxxxxxxxxxxxxxx > > > > > Subject: Re: [users@httpd] Networking > problem? > > > > > > > > > > > > > > > Thank you, all, for trying to help me. > > > > > > > > > > I tried http://(ipaddress)/example.html on > my > > > > Windows > > > > > PC, but still could not get example.html > from my > > > > Linux > > > > > machine running Apache web server. > > > > > > > > > > I also did: > > > > > > > > > > - modified /etc/hosts on the Linux machine > to > > > have > > > > the > > > > > entry for my Windows PC > > > > > > > > The problem is the other way around - the > windows > > > PC > > > > needs to be able to resolve the machine name > of > > > the > > > > Linux machine (see Hosts file). > > > > > > I modified /WINDOWS/system32/drivers/etc/hosts, > and > > > added an entry for my Linux machine. > > > > > > > > > > > > > > > > > - ping from Linux to Windows using hostname > > > > without a > > > > > problem > > > > > > > > Ping from Windows to Linux? If this don't > work, > > > > http://(ipaddress)/example.html never will > from > > > PC. > > > > > > I can ping from Windows to Linux by using > hostname > > > and > > > IP address. Both of them worked. > > > > > > > > > > > > > > > > > - checked /etc/resolv.conf on Linux, it has > a > > > > valid > > > > > DNS nameserver > > > > > > > > > > - deleted "service http" entry in > > > /etc/xinetd.conf > > > > in > > > > > Linux > > > > > > > > > > but still not working. > > > > > > > > > > On the Linux machine, I could do > > > > > file://hostname/example.html > > > > > > > > > > but I could not do > > > > > http://hostname/example.html > > > > > it says "Not Found. The requested URL > > > > /example.html > > > > > was not found on this server. Apache/2.0.54 > > > (Unix) > > > > > Server at (hostname) Port 80" > > > > > > > > Excellent! The webserver is working and you > can > > > > access it! > > > > > > > > It's just that it can't find the file. Try > plain > > > > old: http://hostname/ (which will deliver > your > > > > DirectoryIndex file (you do have one, don't > you?) > > > Do > > > > you understand the relationship between URL > and > > > > DocumentRoot? If you do, then request a file > that > > > > you are sure exists in the docroot. > > > > > > Ahh! I copied ~/example.html to > > > /usr/local/apache2/htdocs, and now I can run > > > http://(hostname)/example.html on Linux! That's > > > great. > > > One problem solved. > > > > > > However, when I tried to do the same thing from > > > Windows , it just kept processing.... > > > > > > I also tried from my Windows to do > > > telnet (linux hostanme) > > > and > > > telnet (linux hostanme) 80 > > > But it just kept processing.... > > > > > > I think it may be the firewall that blocked port > 80 > > > between PC and Linux, but let ping go thru. > > > > > > Thanks, > > > Joe > > > > > > > > > > > Rgds, > > > > Owen Boyle > > > > Disclaimer: Any disclaimer attached to this > > > message > > > > may be ignored. > > > > > > > > > > > > > > > > > > Thank you again. > > > > > Joe > > > > > > > > > > --- Dan Trainor <info@xxxxxxxxxxxxxxxx> > wrote: > > > > > > > > > > > Joseph Lee wrote: > > > > > > > Hi, > > > > > > > > > > > > > > I am trying to run Apache web server on > my > === message truncated === __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|