What is blocking port 80?

David Wadson yellowdog-general@lists.terrasoftsolutions.com
Wed, 22 Sep 2004 00:51:19 -0400


Have you tried running tcpdump on the web server to see whether any of 
the packets are getting through to it? If you don't have a firewall 
running on the webserver, I would suspect either the firewall on the 
router is blocking something, or the port forwarding isn't properly 
configured for WWW. Try 
http://support.dlink.com/faq/view.asp?prod_id=1005 for info on how to 
set up the ports.

Getting iptables properly configured on your web server is a good idea as 
you'll want to keep someone from hacking into it.

Dave

On Tuesday, September 21, 2004, at 01:01 PM, camroe@telusplanet.net wrote:

> Hi all,
>
> So I'm trying to run an Apache web server on my YDL.
> I'm running Apache 2.0.50 on YellowDog Linux (YDL) Release 3.0, Kernel
> version 2.4.22-2f. I am running it behind a D-Link DSL firewall/router
> DI-601. My YDL machine is assigned a local IP 192.168.1.5.
> I was screwing around with the port forwarding but wasn't having any luck so
> I put the YDL in a DMZ (i.e. WAN has ALL access to this machine). I can FTP
> and Telnet to it using the dynamically assigned ISP IP address of the router
> (199.21.148.227 ... and no that's not the real address :)  )
>
> The problem is that when I browse to the address (199.21.148.227) I expect
> to get the Apache test page, but I get 'The connection was refused when
> attempting to contact 199.21.148.227'. I can browse to the 192.168.1.105 from
> another machine on my local home network, but I can't get to it from an
> external machine - i.e. at the office. I've tried both Netscape and IE, as
> well as tried to telnet to port 80 (telnet 199.21.148.227 80), but still get
> connection refused. I've checked the Apache logs and there are no access_log
> entries or error_log entries. That there are no entries confirms my belief
> that Apache never gets the request and that port 80 is being blocked from
> external access.
> Thinking about what could be blocking port 80 (http) but not port 23 (telnet)
> - I know just enough about IP chains to get into trouble, so I simply tried
> switching them off with 'service iptables stop'.
>
> So when I do an iptables -L I get the following:
>
> Chain INPUT (policy ACCEPT)
> target prot opt source  		destination
>
> Chain FORWARD (policy ACCEPT)
> target prot opt source  		destination
>
> Chain OUTPUT (policy ACCEPT)
> target prot opt source  		destination
>
> To me this says that the machine is WIDE open.
>
> I also checked with my ISP provider to make sure that they weren't blocking
> port 80 but they confirmed that they do not do anything special to block
> anything.
>
> Just to confirm that http was indeed running I did an nmap with the
> following result.
>
> nmap -p 1-1024 localhost
>
> Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
> Interesting ports on localhost.localdomain (127.0.0.1):
> (The 1017 ports scanned but not shown below are in state: closed)
> Port       State       Service
> 21/ftp     open        ftp
> 22/tcp     open        ssh
> 23/tcp     open        telnet
> 25/tcp     open        smtp
> 80/tcp     open        http
> 111/tcp    open        sunrpc
> 443/tcp    open        https
> 631/tcp    open        ipp
>
> Nmap run completed -- 1 IP address (1 host up) scanned in 0 seconds
>
>
> So to review:
> 1. I've opened up the machine by putting it in a DMZ (all access open from
>    the router)
> 2. I've turned off any ipchain rules
> 3. I can access the machine through telnet (port 23) but can't access port 80.
>
> That's all I can think of to check! My question is - what else could be
> blocking port 80? Any ideas on what to check?
>
> Thanks for your help!!!
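
An added example, not part of the original messages: one way to read the tcpdump capture suggested in the reply, deciding whether connection attempts to port 80 reach the web server at all and how it answers them. The tcpdump line format, the function and constant names, and the sample capture (client address 203.0.113.7) are assumptions constructed for illustration.

```python
import re

# Assumption: input is text from `tcpdump -n tcp` run on the web server, in the
# modern "IP src.port > dst.port: Flags [..]" line format.
LINE = re.compile(r"IP (?P<src>[\d.]+)\.(?P<sport>\d+) > "
                  r"(?P<dst>[\d.]+)\.(?P<dport>\d+): Flags \[(?P<flags>[^\]]*)\]")

WHERE_TO_LOOK = {
    "no-syn-arrived": "nothing reached the server: router forwarding/firewall or ISP",
    "server-answered": "server accepted: check the return path or the client",
    "server-reset": "server refused: nothing listening there, or a local reset rule",
    "syn-unanswered": "server silent: likely a local packet filter dropping the SYN",
}

def diagnose(capture, server_ip, port=80):
    """Classify what happened to inbound connection attempts to server_ip:port."""
    service = (server_ip, port)
    attempts = {}  # (client ip, client port) -> "none" | "synack" | "rst"
    for line in capture.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # non-TCP or unparsable line
        src = (m["src"], int(m["sport"]))
        dst = (m["dst"], int(m["dport"]))
        syn, ack = "S" in m["flags"], "." in m["flags"]
        if dst == service and syn and not ack:
            attempts.setdefault(src, "none")  # new or retransmitted SYN
        elif src == service and attempts.get(dst) == "none":
            if syn and ack:
                attempts[dst] = "synack"
            elif "R" in m["flags"]:
                attempts[dst] = "rst"
    if not attempts:
        return "no-syn-arrived"
    seen = set(attempts.values())
    if "synack" in seen:
        return "server-answered"
    return "server-reset" if "rst" in seen else "syn-unanswered"

# Constructed capture: telnet gets through, nothing for port 80 ever shows up.
ONLY_TELNET = """\
12:00:01.000100 IP 203.0.113.7.40112 > 192.168.1.5.23: Flags [S], seq 1, win 64240, length 0
12:00:01.000180 IP 192.168.1.5.23 > 203.0.113.7.40112: Flags [S.], seq 9, ack 2, win 5792, length 0
"""

if __name__ == "__main__":
    for port in (80, 23):
        verdict = diagnose(ONLY_TELNET, "192.168.1.5", port)
        print(port, verdict, "->", WHERE_TO_LOOK[verdict])
```

A "no-syn-arrived" verdict for port 80 alongside "server-answered" for port 23 points away from the web server and toward the router's forwarding or firewall settings.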