Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19
allowing incoming http requests-iptables-red hat 9.0
Results 1 to 10 of 26

Thread: allowing incoming http requests-iptables-red hat 9.0

Hybrid View

  1. #1
    Junior Member
    Join Date
    Mar 2006
    Posts
    57

    allowing incoming http requests-iptables-red hat 9.0

    I have linux iptables firewall on red hat 9.0 .

    I have a linux apache server on a private ip 192.168.0.5.I need to access the server from outside via our public ip.

    i have given the following code.

    EXTR=Public ip
    WEB_SRV=192.168.0.5

    #Incoming HTTP Requests:
    iptables -t nat -A PREROUTING -i $EXTR -p tcp --dport 80 -j DNAT --to-destination $WEB_SRV:80
    iptables -t nat -A PREROUTING -i $EXTR -p udp --dport 80 -j DNAT --to-destination $WEB_SRV:80

    I ran the iptables with the above code ,but it dosen't output any error.

    any inputs please

  2. #2
    Moderator
    Advisor
    redhead's Avatar
    Join Date
    Jun 2001
    Location
    Copenhagen, Denmark
    Posts
    811
    Try with something like this:
    Code:
     iptables -t nat -A PREROUTING -i $EXTR -p tcp --dport 80 -j DNAT --to $WEB_SRV
    No need to rewrite the destination port, if you're interested I once made a small firewall script, I dont use it now, but occasionaly I look at it, since it holds quite alot of description for varius iptables rules.

    Perhaps it will give you a few hints.
    Don't worry Ma'am. We're university students, - We know what We're doing.
    'Ruiat coelum, fiat voluntas tua.'
    Datalogi - en livsstil; Intet liv, ingen stil.

  3. #3
    Junior Member
    Join Date
    Mar 2006
    Posts
    57
    good.i will go thru ur script and the code.thks

  4. #4
    Junior Member
    Join Date
    Mar 2006
    Posts
    57
    i tried

    iptables -t nat -A PREROUTING -i $EXTR -p tcp --dport 80 -j DNAT --to $WEB_SRV

    and also

    iptables -t nat -A PREROUTING -i $EXTR -p tcp --dport 80 -j DNAT --to $WEB_SRV:80

    but still i can't access

    If i type the external ip address in IE ,i can't access my internal web server.

    i can ping my external ip.I tried this from another internet connection and not thru my local lan,as that won't work..


    Do i need to specify any other commands prior or before to the DNAT command.

    When i run iptables i dont get any error.

  5. #5
    Moderator
    Advisor
    redhead's Avatar
    Join Date
    Jun 2001
    Location
    Copenhagen, Denmark
    Posts
    811
    Could this be your ISP blocking connections on port 80 ?? Just as a small test, do something like:
    Code:
    iptables -t nat -A PREROUTING -i $EXTR -p tcp --dport 8080 -j DNAT --to $WEB_SRV:80
    to see if you can get connected through port 8080 to your internal webserver...
    When i run iptables i dont get any error.
    does an examination of your iptable filters show any packages cought by that rule ? ie:
    > iptables -t nat -v -L PREROUTING
    Where it will show in the pkts and bytes column.
    Don't worry Ma'am. We're university students, - We know what We're doing.
    'Ruiat coelum, fiat voluntas tua.'
    Datalogi - en livsstil; Intet liv, ingen stil.

  6. #6
    Junior Member
    Join Date
    Mar 2006
    Posts
    57
    thks.i will try and let u know.

    by the way i don't think port 80 is blocked ,since all the users can assess internet,.

    as u had mentioned abt port 8080 ,shouldi change it port 8080 in my apache server.

    One more thing i wanted to know.Is it possible for me via iptables to track the Local ip addresses and the sites they visit ..

Similar Threads

  1. How to forward local HTTP requests to remote Proxy with IPTables ?
    By asdamha in forum Linux - Hardware, Networking & Security
    Replies: 1
    Last Post: 05-12-2011, 11:51 AM
  2. iptables http forwarding problem
    By sirstan in forum Security
    Replies: 1
    Last Post: 04-23-2008, 11:24 AM
  3. Problem recving HTTP requests when Apache listens on port 80
    By hecter in forum Linux - Hardware, Networking & Security
    Replies: 1
    Last Post: 10-30-2004, 05:27 AM
  4. IPTABLES: block ALL incoming and outgoing except...
    By Blaqb0x in forum Linux - Software, Applications & Programming
    Replies: 2
    Last Post: 07-06-2004, 03:17 AM
  5. SSH Not allowing users to login?
    By Rastar in forum Linux - Hardware, Networking & Security
    Replies: 9
    Last Post: 05-08-2003, 06:12 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •