#1  
Old 26th February 2006, 02:02
jcowdrey jcowdrey is offline
Junior Member
 
Join Date: Feb 2006
Posts: 19
Thanks: 0
Thanked 0 Times in 0 Posts
Question Port 80 error

Hi,

I'm a little stumped as to why port 80 isn't available to the outside world. I've installed ISP Config and it works great. everything works fine locally ie ports 80 81 etc Port 81 is even available to the outside world, but when I try port 80 i'm told theres a connection timout error... my router is setup ok, any ideas?
Reply With Quote
Sponsored Links
  #2  
Old 26th February 2006, 02:19
jcowdrey jcowdrey is offline
Junior Member
 
Join Date: Feb 2006
Posts: 19
Thanks: 0
Thanked 0 Times in 0 Posts
Default just in case...

heres a screen dump of iptables -L


Chain INBOUND (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:www
ACCEPT udp -- anywhere anywhere udp dpt:www
ACCEPT tcp -- anywhere anywhere tcp dpts:ftp-data:ftp
ACCEPT udp -- anywhere anywhere udp dpts:20:fsp
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT udp -- anywhere anywhere udp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dptop3
ACCEPT udp -- anywhere anywhere udp dptop3
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT udp -- anywhere anywhere udp dpt:25
ACCEPT tcp -- anywhere anywhere tcp dpts:netbios-ns:netbios-ssn
ACCEPT udp -- anywhere anywhere udp dpts:netbios-ns:netbios-ssn
ACCEPT tcp -- anywhere anywhere tcp dpt:microsoft-ds
ACCEPT udp -- anywhere anywhere udp dpt:microsoft-ds
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT udp -- anywhere anywhere udp dpt:https
ACCEPT tcp -- anywhere anywhere tcp dpt:81
ACCEPT udp -- anywhere anywhere udp dpt:81
LSI all -- anywhere anywhere

Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- 192.168.0.2 anywhere tcp flags:!SYN,RST,ACK/SYN
ACCEPT udp -- 192.168.0.2 anywhere
ACCEPT tcp -- dns.syd.optusnet.com.au anywhere tcp flags:!SYN,RST,ACK/SYN
ACCEPT udp -- dns.syd.optusnet.com.au anywhere
ACCEPT tcp -- dns.meb.optusnet.com.au anywhere tcp flags:!SYN,RST,ACK/SYN
ACCEPT udp -- dns.meb.optusnet.com.au anywhere
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere limit: avg 10/sec burst 5
DROP all -- anywhere 255.255.255.255
DROP all -- anywhere 192.168.0.255
DROP all -- BASE-ADDRESS.MCAST.NET/8 anywhere
DROP all -- anywhere BASE-ADDRESS.MCAST.NET/8
DROP all -- 255.255.255.255 anywhere
DROP all -- anywhere 0.0.0.0
DROP all -- anywhere anywhere state INVALID
LSI all -f anywhere anywhere limit: avg 10/min burst 5
INBOUND all -- anywhere anywhere
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Unknown Input'

Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere limit: avg 10/sec burst 5
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Unknown Forward'

Chain LOG_FILTER (5 references)
target prot opt source destination

Chain LSI (2 references)
target prot opt source destination
LOG_FILTER all -- anywhere anywhere
LOG tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/RST limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/RST
LOG icmp -- anywhere anywhere icmp echo-request limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP icmp -- anywhere anywhere icmp echo-request
LOG all -- anywhere anywhere limit: avg 5/sec burst 5 LOG level info prefix `Inbound '
DROP all -- anywhere anywhere

Chain LSO (0 references)
target prot opt source destination
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere limit: avg 5/sec burst 5 LOG level info prefix `Outbound '
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable

Chain OUTBOUND (1 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere

Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- 192.168.0.2 192.168.0.2 tcp dpt:domain
ACCEPT udp -- 192.168.0.2 192.168.0.2 udp dpt:domain
ACCEPT tcp -- 192.168.0.2 dns.syd.optusnet.com.au tcp dpt:domain
ACCEPT udp -- 192.168.0.2 dns.syd.optusnet.com.au udp dpt:domain
ACCEPT tcp -- 192.168.0.2 dns.meb.optusnet.com.au tcp dpt:domain
ACCEPT udp -- 192.168.0.2 dns.meb.optusnet.com.au udp dpt:domain
ACCEPT all -- anywhere anywhere
DROP all -- BASE-ADDRESS.MCAST.NET/8 anywhere
DROP all -- anywhere BASE-ADDRESS.MCAST.NET/8
DROP all -- 255.255.255.255 anywhere
DROP all -- anywhere 0.0.0.0
DROP all -- anywhere anywhere state INVALID
OUTBOUND all -- anywhere anywhere
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Unknown Output'
Reply With Quote
  #3  
Old 26th February 2006, 05:18
jcowdrey jcowdrey is offline
Junior Member
 
Join Date: Feb 2006
Posts: 19
Thanks: 0
Thanked 0 Times in 0 Posts
Unhappy also netstat -tap

also... here is the output of netstat -tap command

admin@polo:~$ netstat -tap
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 localhost.localdom:1025 *:* LISTEN -
tcp 0 0 localhost.localdom:1026 *:* LISTEN -
tcp 0 0 localhost.localdo:mysql *:* LISTEN -
tcp 0 0 *:netbios-ssn *:* LISTEN -
tcp 0 0 *:5900 *:* LISTEN 1 4636/vino-server
tcp 0 0 *:81 *:* LISTEN -
tcp 0 0 *:ftp *:* LISTEN -
tcp 0 0 192.168.0.2:domain *:* LISTEN -
tcp 0 0 localhost.locald:domain *:* LISTEN -
tcp 0 0 localhost.localdoma:ipp *:* LISTEN -
tcp 0 0 localhost.localdoma:953 *:* LISTEN -
tcp 0 0 *:smtp *:* LISTEN -
tcp 0 0 *:microsoft-ds *:* LISTEN -
tcp 0 0 192.168.0.2:3215 a-61-9-129-144.depl:www ESTABLISHED1 5745/firefox-bin
tcp 0 0 localhost.localdoma:ipp localhost.localdom:4336 ESTABLISHED-
tcp 0 0 localhost.localdom:1025 localhost.localdom:2866 ESTABLISHED-
tcp 0 0 localhost.localdom:4336 localhost.localdoma:ipp ESTABLISHED1 4695/gnome-cups-ic
tcp 1 0 192.168.0.2:4452 66.249.89.99:www CLOSE_WAIT 1 5745/firefox-bin
tcp 1 0 192.168.0.2:4443 66.249.89.99:www CLOSE_WAIT 1 5745/firefox-bin
tcp 0 0 localhost.localdom:2866 localhost.localdom:1025 ESTABLISHED-
tcp6 0 0 *:www *:* LISTEN -
tcp6 0 0 *:ssh *:* LISTEN -
tcp6 0 0 ip6-localhost:953 *:* LISTEN -


Any ideas please anyone!
Reply With Quote
  #4  
Old 26th February 2006, 09:49
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,704
Thanks: 819
Thanked 5,321 Times in 4,174 Posts
Default

Do you have any firewall on your router that blocks port 80? Have you restarted your roter correctly after forwarding port 80.

I've just seen your new post. Please dont post the same issue twice within a day
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #5  
Old 26th February 2006, 09:54
jcowdrey jcowdrey is offline
Junior Member
 
Join Date: Feb 2006
Posts: 19
Thanks: 0
Thanked 0 Times in 0 Posts
Default port forwarding on router

thanks for the reply...

sorry bout posting twice... i was a little desperate...

I have port forwarding for port 80 enabled on my router... setup same as port 81 and port 81 works fine... all forwarded to 192.168.0.2 (my server)

I have a firewall on linux as well (firestarter) and it has port 80 enabled also. if i do a portscan on ispconfig everything looks fine.

It seems as though it must be the router, but i can't seem to work out how... if I watch the log in firestarter and i do a test on port 81 i can see an event entry come through, if i do it for port 80, not entry at all...
Reply With Quote
  #6  
Old 26th February 2006, 10:08
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,704
Thanks: 819
Thanked 5,321 Times in 4,174 Posts
Default

And you are really sure your provider dos not block port 80?

If you can reach port 80 from another PC in your local network, these issues can be only related to your router or your ISP.

I assume you used IP 192.168.0.2 in ISPConfig for the webhost?
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #7  
Old 26th February 2006, 10:16
jcowdrey jcowdrey is offline
Junior Member
 
Join Date: Feb 2006
Posts: 19
Thanks: 0
Thanked 0 Times in 0 Posts
Default Port 80

thanks again...

I use dodo as my ISP and i called them and they assured me that they don't block port 80, infact they said they don't block any ports...

i will look further at the router... I use a d-link DI-524 router... it's pretty easy to setup... i just don't understand how the following ports 81,22,53,110,25 all work except port 80...

i used 192.168.0.2 as the webhost in ispconfig and also in all dns entries created... oi used to use 192.168.0.2 as the webhost and 149.135.12.8 for all dns entries but i kept getting the "shared IP" webpage for both domains... it works fine under 192.168.0.2...

any more ideas
Reply With Quote
  #8  
Old 26th February 2006, 10:20
Glorfindel Glorfindel is offline
Junior Member
 
Join Date: Feb 2006
Posts: 26
Thanks: 0
Thanked 2 Times in 2 Posts
Default

I doubt this is your problem... but my router sucks and tends to randomly not forward ports that it should be at times. When that happens, I can fix it by forwarding the port in 2-3 different slots... although I think my router's issues are kind of unique, and I doubt that would work for you Thought i'd share just in case though, because that problem caused me a big headache !!
Reply With Quote
  #9  
Old 26th February 2006, 10:39
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,739 Times in 2,574 Posts
Default

Quote:
Originally Posted by jcowdrey
d 192.168.0.2 as the webhost in ispconfig and also in all dns entries created...
In the DNS records for your domains you use 192.168.0.2? Then you can't reach the web sites from the outside because 192.168.0.2 is a private IP address. You must use your public IP address!
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #10  
Old 26th February 2006, 11:48
jcowdrey jcowdrey is offline
Junior Member
 
Join Date: Feb 2006
Posts: 19
Thanks: 0
Thanked 0 Times in 0 Posts
 
Unhappy still troubles...

i've changed my dns entries to use ip 149.135.12.8 instead of the 192.168.0.2... i get the "shared IP" page now...

I got so desperate with this port 80 issue, I disconected my router and pluged my dsl modem into a 2nd network card on my linux server.... eth0 using 149.135.12.8 and eth1 192.168.0.2...

i turned off all firewalls that I know off... and i ran a port scan from http://scan.sygatetech.com/tcpscan.html and all ports show up fine except port 80... so if it's not my isp dodo, then I'm wondering if apache is setup correctly.... but i guess it would be since it all works fine on my local network.... i'm really stumped!

Also... I'm happy if someone want's to ssh with putty into my system to have a look at config and stuff... i could really use the help... just let me know.

Last edited by jcowdrey; 26th February 2006 at 11:53.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Fresh Install on Debian cksrealm Installation/Configuration 12 22nd February 2006 16:14
Installation Fails... :( cyberstorm Installation/Configuration 1 15th January 2006 18:07
error while installing..... securitywonks Installation/Configuration 1 23rd December 2005 12:07
Could not make OpenSSL yontengyatso Installation/Configuration 3 3rd November 2005 10:50
Install stop at uuwish, UUDeview SeaWolf Installation/Configuration 6 4th October 2005 23:53


All times are GMT +2. The time now is 06:05.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.