PDA

View Full Version : webserver dont work


britnet
30-05-2005, 15:55
Hello,

i hope anybody can help me.

My Problem:

I istalled the Webserver like macsat told in his guide.

From inside the Lan its reachable under: http://192.168.1.20:81/

But i cant connect to it from wan.
This should be: http://britnet.dyndns.tv/
(i set up alle the dyndns stuff in a right way)

What can i do?

Is there anything wrong in my configuration?
britnet
04-06-2005, 11:08
Is there anybody who installed the webserver sucessfully?
kdudl
04-06-2005, 13:18
Is there anybody who installed the webserver sucessfully?

Yes !

I had the same problem initially. My solution was to create an item in the virtual server list (WL500g web page > NAT Settings > Virtual server)
with:
Port range: 80
Local IP: the local (LAN side) IP address of your ASUS (f.i. 192.168.1.1)
Local port: the internal port you defined for the web server, f.i. 81
Protocol: TCP
britnet
05-06-2005, 20:06
Thank you for your answer.

I already did this in the cofiguration for the Virtual Server.

What is the "Protocoll No." in the Virtual Server Screen?

What else could be the problem?
britnet
05-06-2005, 21:16
Is this right for the thttpd.conf:


dir=/opt/share/www
port=81
user=nobody
nochroot
nosymlink
novhost
logfile=/opt/var/log/thttpd.log
# Please do not edit pidfile path at it is use to kill thttpd process during init
pidfile=/opt/var/run/thttpd.pid
kdudl
06-06-2005, 14:02
have you laready defined a post-firewall file ?

In my case I can access ftp and httpd from WAN. My post-firewall file has following content (I am using port 8080 instead of your port 81):

#!/bin/sh
iptables -D INPUT -j DROP
iptables -A INPUT -p tcp --dport 8080 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 21 -j ACCEPT
iptables -t nat -A PREROUTING -i ppp0 -p tcp --dport 21 -j DNAT --to-destination 192.168.1.1:21
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination 192.168.1.1:8080
iptables -A INPUT -j DROP
britnet
06-06-2005, 15:00
My post-firewall looks like this:


#!/bin/sh
iptables -D INPUT -j DROP
iptables -A INPUT -p tcp --dport 81 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -t nat -A PREROUTING -i ppp0 -p tcp --dport 80 -j DNAT
--to-destination 192.168.1.20:81
iptables -t nat -A PREROUTING -i ppp0 -p tcp --dport 22 -j DNAT
--to-destination 192.168.1.20:22

iptables -A INPUT -j DROP

Is this OK?
britnet
06-06-2005, 15:14
In the webinterface in the "Status & Log - Port Forwarding"-Screen:


Destination Proto. Port Range Redirect to
84.139.95.173 TCP 37587 192.168.1.4
84.139.95.173 TCP 35027 192.168.1.30
84.139.95.173 UDP 6257 192.168.1.50
84.139.95.173 TCP 6699 192.168.1.50
84.139.95.173 TCP 80 192.168.1.20
84.139.95.173 TCP 41427 192.168.1.55
84.139.95.173 TCP 1062 192.168.1.55
84.139.95.173 UDP 6073 255.255.255.255
84.139.95.173 TCP 8080 192.168.1.20

Ist this OK? Where is the Port 81???
britnet
06-06-2005, 15:57
What does this in the LOG mean?


Jan 1 01:02:56 pppd[91]: Connect: ppp0 <--> eth1
kdudl
07-06-2005, 09:15
In the webinterface in the "Status & Log - Port Forwarding"-Screen:



Ist this OK? Where is the Port 81???

Have you really given the IP address 192.168.1.20 to your ASUS router ?

Can you ping successfully your url britnet.dyndns.tv ?
britnet
07-06-2005, 15:09
Yes, i can ping it.

can you ping it, too?

I Think only the 80 port to 81 port function is not available.
britnet
08-06-2005, 16:47
is this Log important??



Jan 1 01:00:21 thttpd[160]: bind 0.0.0.0 - Address already in use
Jan 1 01:00:23 thttpd[160]: thttpd/2.25b PHP/5.0.3 starting on port 81
Jan 1 01:00:23 thttpd[160]: started as root without requesting chroot(), warning only


can somebody reach my server at britnet.dyndns.tv ???
Styno
08-06-2005, 16:53
is this Log important??



Jan 1 01:00:21 thttpd[160]: bind 0.0.0.0 - Address already in use
Jan 1 01:00:23 thttpd[160]: thttpd/2.25b PHP/5.0.3 starting on port 81
Jan 1 01:00:23 thttpd[160]: started as root without requesting chroot(), warning only
Not very, imho, it's just that you started the webserver using the user 'root' (admin) which is a potential security problem. Other then that it's nothing to worry about.


can somebody reach my server at britnet.dyndns.tv ???No, nothing at (84.139.96.162):
http://britnet.dyndns.tv
http://www.britnet.dyndns.tv
http://britnet.dyndns.tv:81

Even ping times out...but that could just be your firewall.

There is an webserver on port 8080 though. Seems to me it's the admin website :)
britnet
09-06-2005, 16:35
Even ping times out...but that could just be your firewall.



What should i do?

How can i open the Firewall on port 80?
Styno
09-06-2005, 17:34
First disable 'port-trigger' and 'Virtual DMZ' in 'NAT setting'. Then enable 'Virtual server' and forward port 80 to port 81 of the router (192.186.1.20 in your case).

That should do it. You can also leave your firewall turned on.