re: #1.. a screwed up cut/paste to the wrong window... #2.. what i really think i need to know is how can i open up the box to receive communication from a give address/port... in this way i can add the address/ports that i need.. one at a time.. and test what i'm doing... the issue i'm facing is where do i need to make the cahnge.. and what should the change be... i get the feeling that if you screw this up.. you can warp how the box communicates within the network.... -bruce -----Original Message----- From: psyche-list-admin@redhat.com [mailto:psyche-list-admin@redhat.com]On Behalf Of Craig White Sent: Saturday, January 18, 2003 11:25 AM To: psyche-list@redhat.com Subject: Re: linux security/network issue.... On Sat, 2003-01-18 at 11:57, Bruce Douglas wrote: > hi... > > I have an issue that I believe points to Linux network security. I'm trying > to set my network up to allow external users view my internal Apache server. > My network setup is as follows: > > > > he Setup: > > +----------------+ > | External World | > +----------------+ > ^ > |(12.222.33.11) > v > +-----------------+ > | Firewall/Router | (198.222.33.1) > | (Linksys) |<--------------+ > +-----------------+ | > | (Internal Network) > | > v > +------------------------------------------+ > | | > | | > v v > +--------------+ +---------------+ > | | | | > | Linux Box | (192.222.33.4) | Windows 2K > Box|(192.222.33.5) > | (Apache) | | (Apache) | > | | | (PuTTY) | > +--------------+ | | > +---------------+ > > > If I configure my router to do port forwarding with Port 80 pointing to the > Windows Box with Apache, external users can view the server. If I change the > router/port forwarding to point to the Linux Box/Apache server, the user is > unable to access the Apache server. A quick review of the Apache log files > does not reveal a hit to the server. This seems to indicate that the request > from the external user didn't "get" to the Apache server. > > I'm begining to believe that the real issue has to do with how the Linux box > is configured to accept/handle network communications. I'm able to look at > the linux Apache server from other boxes within my network, provided I use > the internal (192.XX) address. So the Apache server is working properly. > > So my question: How do I expand the IP addresses that are able to access the > Linux Box? Or, might there perhaps be another problem? I'm realtively new to > the world of Linux. I have RH 8.0 with the Gnome GUI. Pointers/assistance to > whatever functions/commands would be appreciated!! > ----- #1 Don't hijack other people's threads. Be courteous to people and learn to type psyche-list@redhat.com as the mailto: address #2 Can you access the web server from the Win2K computer? If not... - is httpd active? 'ps aux|grep httpd' to see if it's actually running - is firewall permitting access? if httpd is active then it must be a firewall issue - temporarily test by 'service iptables off' Craig -- Psyche-list mailing list Psyche-list@redhat.com https://listman.redhat.com/mailman/listinfo/psyche-list -- Psyche-list mailing list Psyche-list@redhat.com https://listman.redhat.com/mailman/listinfo/psyche-list
