Re: Where to add own rules in /etc/sysconfig/iptables

On Thu, 2002-10-31 at 11:10, Michael Schwendt wrote:

> You cannot try it from inside your network. Try it from an external
> host with e.g. "wget YOUR_EXT_IP".
> 
> For debugging, add this rule on your Linux router
> 
>   iptables -I FORWARD -p tcp --dport 80 -j LOG

It's starting to show something!

When I try from an EXTERNAL host (with telnet my.real.ip 80), telnet
still hangs in "Trying..." and times out after a few minutes.

With LOG directive, /var/log/messages shows me that:

Oct 31 11:31:06 imoqland kernel: IN=eth0 OUT=eth1 SRC=200.33.79.237
DST=192.168.105.220 LEN=60 TOS=0x10 PREC=0x00 TTL=63 ID=19142 DF
PROTO=TCP SPT=33987 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0

Which means that it is TRYING (?) to do something, but even then it isn't
able to make the connection.

Just to make sure, if I (from Linux router) do a 

[root@imoqland root]# telnet 192.168.105.220 80
Trying 192.168.105.220...
Connected to 192.168.105.220.
Escape character is '^]'.

it answers immediately.

I can't add a LOG rule in the web server, since it's running IIS and not
apache (that's one of the reasons to have the webserver in the internal
network and not exposed to the world).

I'm getting there with your help, do you have any means to decipher the
log message above?

-- 
¡Sé libre, usa software libre!
Be free, use free software!
http://www.imoqland.com/



-- 
Psyche-list mailing list
Psyche-list@redhat.com
https://listman.redhat.com/mailman/listinfo/psyche-list
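
One way to read the fields of the LOG line quoted in the message above, as an added example that is not part of the original post. The function names `parse_log_line` and `describe` are illustrative; the sample is the poster's log line re-joined onto one line.

```python
import ipaddress

# Log line quoted in the message, re-joined onto one line (it was wrapped).
SAMPLE = (
    "Oct 31 11:31:06 imoqland kernel: IN=eth0 OUT=eth1 SRC=200.33.79.237 "
    "DST=192.168.105.220 LEN=60 TOS=0x10 PREC=0x00 TTL=63 ID=19142 DF "
    "PROTO=TCP SPT=33987 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0"
)
TCP_FLAGS = {"CWR", "ECE", "URG", "ACK", "PSH", "RST", "SYN", "FIN"}


def parse_log_line(line):
    """Split a netfilter LOG line into KEY=value fields and bare flag tokens."""
    _, sep, body = line.partition("kernel: ")
    if not sep:
        raise ValueError("not a kernel log line")
    fields, flags = {}, []
    for token in body.split():
        key, eq, value = token.partition("=")
        if eq:
            fields[key] = value
        else:
            flags.append(token)  # bare tokens such as DF, SYN, ACK
    return fields, flags


def describe(line):
    """Summarise what a TCP/UDP packet was doing when the LOG rule matched."""
    fields, flags = parse_log_line(line)
    # IN and OUT both set: routed through the box (FORWARD chain).
    # Only IN: addressed to the box itself. Only OUT: generated locally.
    if fields.get("IN") and fields.get("OUT"):
        path = "forwarded"
    elif fields.get("IN"):
        path = "local-input"
    else:
        path = "local-output"
    tcp_flags = sorted(f for f in flags if f in TCP_FLAGS)
    return {
        "path": path,
        "in_if": fields.get("IN"), "out_if": fields.get("OUT"),
        "src": f"{fields['SRC']}:{fields['SPT']}",
        "dst": f"{fields['DST']}:{fields['DPT']}",
        # The client dialled the external IP, so a private DST here shows
        # that DNAT (PREROUTING) had already rewritten the destination.
        "dst_is_private": ipaddress.ip_address(fields["DST"]).is_private,
        # SYN without ACK is the first packet of a TCP handshake.
        "handshake_open": tcp_flags == ["SYN"],
        "dont_fragment": "DF" in flags,
    }
```

For the quoted line this reports a forwarded packet entering on eth0 and leaving on eth1, an opening SYN from 200.33.79.237:33987 to 192.168.105.220:80. The line records only that this one packet reached the top of the FORWARD chain; it does not show whether a later rule accepted it or whether any reply came back.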
