Firewall settings for httpd

Issues related to configuring your network
Post Reply
lespaul
Posts: 3
Joined: 2016/07/05 15:08:00

Firewall settings for httpd

Post by lespaul » 2016/07/05 15:14:14

Hey guys,

Quick question. I've been staring at this problem for a while now, and i just can't figure it out.

I'm trying to get my httpd server to allow external connections. My iptables are as follows:

Code: Select all

[root@webproxy]# iptables --list
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED 
REJECT     icmp --  anywhere             anywhere            reject-with icmp-port-unreachable 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http state NEW,ESTABLISHED 
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited 

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited 

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
As i understand these rules should allow for external access to port 80 on this server. Within my local network I can access the webserver perfectly fine, but apparently not from outside of our network. The local requests are done from a computer within our network, and not from the same server. Does this have anything to do with my firewall settings, httpd settings or something completely unrelated?

LesPaul
Top
B3N
Posts: 3
Joined: 2016/06/24 03:48:33

Re: Firewall settings for httpd

Post by B3N » 2016/07/06 04:29:30

Are you behind NAT? If you are behind NAT you have to configure Port Forwarding in your router.
Top
Whoever
Posts: 1361
Joined: 2013/09/06 03:12:10

Re: Firewall settings for httpd

Post by Whoever » 2016/07/06 04:32:47

Something unrelated.

If you can access the web server from the LAN, then it's not the firewall on the web server that is the problem. Use tcpdump to see if the packets are even reaching your web server. Also look in your httpd logs to see if there is a configuration issue.

My guess is that packets from outside the LAN are not reaching your webserver, or that the webserver's replies are being sent to a different router from the router that sent them to your webserver. For the latter question: is your webserver's default gateway the same as the router that is sending packets to your webserver?
Top
lespaul
Posts: 3
Joined: 2016/07/05 15:08:00

Re: Firewall settings for httpd

Post by lespaul » 2016/07/06 09:59:21

The router was properly configured to let port 80 through to that server.
Apparently it was a DHCP lease issue with the router, as it fixed itself overnight, even though it already had the correct IP address

Anyway, thanks for the help!
Top
Post Reply

Return to “CentOS 6 - Networking Support”