PDA

Bekijk de volledige versie : WAN Webserver on port 80



alpha5
07-01-2005, 15:56
okay, new year, new firmware, new howto

Since few days im using 1.9.2.7-2 from Oleg.
Like in changelogs promised there are some changes in iptables since 1.6.x.x.
These changes are effecting on my last howto about the wan webserver.
So lets start:

At first you need "webspace" f.e. a usb memory stick, or an usb harddisk. How to install this is explained in your asus manual. If there are problems with it, use the search function of this forum!
Optional you can use a service like "dyndns.org" to be aviable allways under the same hostname on internet. F.e. ernstl.dyndns.org. To update your ip on connect use the internal updating client. (see asus manual)

If not done yet, connect to your aus device with a telnetclient of your choise, and login with username and password.
So far... After installing the usb memory device will be mounted as /tmp/harddisk on your asus device.
Now you should creat a seperated directory for your web files with this command:

Code:

mkdir /tmp/usbmount/web



If not allready exist, create the post-boot and post-firewall scripts:

Code:

touch /usr/local/sbin/post-firewall touch /usr/local/sbin/post-boot



Now open the vi editor by typing "vi /usr/local/sbin/post-boot". In vi press "i" to enter a simple insert mode. Type ore paste in the following lines, to make busybox_httpd automaticly started, and mount usb device bevore:

Code:
mount /dev/discs/disc0/part1 /tmp/harddisk -t vfat
busybox_httpd -p 81 -h /tmp/harddisk/web

Press "ESC" to leave inser mode. Now type ":wq!" followed by "return" to write changes and quit vi.

Now open the post-firewall file with vi (vi /usr/local/sbin/post-firewall).
Press "i" and fill in the following line

Code:
iptables -D INPUT -j DROP
iptables -A INPUT -p tcp --dport 81 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -t nat -A PREROUTING -i ppp0 -p tcp --dport 80 -j DNAT --to-destination 192.168.1.1:81
iptables -A INPUT -j DROP


Then "ESC" and ":wq!". Files should now be saved.
To vertify the the files are filled with our informations "cat" the files with the command "cat [filename]".

To store changes in flash enter the following commands in your shell:

Code:
flashfs enable
flashfs save
flashfs commit

Necesarry!!!


After reboot busybox_httpd should be startet automaticly on port 81, by the post-boot. Iptables makes it aviable on port 80 for wan site.
To access the webserver from lan site, you need to connect on port 80. F.e.:
http://192.168.1.1:81

If you have problems do not hesitate to message me or post in Q&A forum!

WlanMan
19-01-2005, 16:58
Well done :)

robiv8
29-01-2005, 00:00
soory for my veeeeery bad english

but i dont have this dyrectory : /usr/local/sbin/

in my usr is only root! and this is empty

??
THX
Robi

robiv8
31-01-2005, 18:27
Sorry for my litle Infomations :o
My aktualy firmaware is 1.9.2.7-3b by Oleg
You mean that i downgrade to 1.9.2.7-2 and than its No Problem with
the Instructions what you Post
---------------------------------------------------------
okay, new year, new firmware, new howto

Since few days im using 1.9.2.7-2 from Oleg.
Like in changelogs promised .......
---------------------------------------------------------

Robi

max2950
21-02-2005, 18:45
Any chance to have this working for 1.9.2.7CR3c ?

max2950
22-02-2005, 12:00
Okay, i've have it running, works great....

But the post-boot script doesn't load when the unit boots.... I have to start it manually :(

Styno
26-02-2005, 18:10
Okay, i've have it running, works great....

But the post-boot script doesn't load when the unit boots.... I have to start it manually :(
Post-boot does load, only the HDD is mounted after post-boot.

You can use the script from: http://wl500g.info/showpost.php?p=6290&postcount=26
to let post-boot wait for the mount process to be completed.

max2950
03-03-2005, 16:32
Post-boot does load, only the HDD is mounted after post-boot.

You can use the script from: http://wl500g.info/showpost.php?p=6290&postcount=26
to let post-boot wait for the mount process to be completed.

Hey this work great now my second server loads right after boot ! :)

However i had to change your script a little bit so that it works on 1.9.2.7 firmware....



#!/bin/sh
i=0
while [ $i -le 30 ]
do
if [ -d /tmp/harddisk/ftp_pub ]
then
break
fi
sleep 1
i=$i + 1
done

busybox_httpd -p 81 -h /tmp/harddisk/web


Now i'm going to look for some infos in order to get a nice config file for my server, i.e. i want to configure it so that it loads index.htm when you only specify a folder in the URL....

britnet
15-03-2005, 14:16
Hello,

I want to run a webserver on Wl-500.

Are there any differences in the manual to the 1.9.2.7CR3c???

I already mount the HDD in the Post-firewall.

Styno
15-03-2005, 14:48
Hello,

I want to run a webserver on Wl-500.

Are there any differences in the manual to the 1.9.2.7CR3c???

I already mount the HDD in the Post-firewall.
Just try it.

sup
15-03-2005, 21:44
hi, I read everywhere about webservers run form a USB harddisk or something like this. is it possible to run them from a pc behind the router (and could I use this "how to" to enable it?) - or is that a completly different problem?

Styno
15-03-2005, 22:21
is it possible to run them from a pc behind the router (and could I use this "how to" to enable it?) - or is that a completly different problem?
Read your manual on "Virtual Server" and install IIS or Apache on the PC.

sup
15-03-2005, 22:43
I hoped it would be so easy:-) (and i should start to more read manuals and less use the internet;-))

max2950
16-03-2005, 08:43
Hello,

I want to run a webserver on Wl-500.

Are there any differences in the manual to the 1.9.2.7CR3c???

I already mount the HDD in the Post-firewall.

Do you mean that you mount the HDD "manually" in the Post-firewall? I do not know if this is right...

To enable your webserver use the post-boot script by styno which i changed a bit because it did not run on 1.9.2.7CR3c....

britnet
16-03-2005, 09:32
Do you mean that you mount the HDD "manually" in the Post-firewall? I do not know if this is right...

Yes, i uses this:

mount /dev/discs/disc0/part1 /tmp/harddisk -t vfat

Shouldn't I do that?


To enable your webserver use the post-boot script by styno

Ok, but where can I get it?

Styno
16-03-2005, 10:10
If you upgrade to the newest firmware from oleg (1.9.2.7 CR4) (http://wl500g.info/showthread.php?t=1917), then there is an post-mount script where you can put all the stuff which is dependend on the HDD.

Edit: Otherwise you can use my script which is this:

#!/bin/sh
i=0
while [ $i -le 30 ]
do
if [ -d /tmp/harddisk/ftp_pub ]
then
break
fi
sleep 1
i=$i + 1
doneAnd which was posted just a few posts above yours...

max2950
16-03-2005, 10:38
If you upgrade to the newest firmware from oleg (1.9.2.7 CR4) (http://wl500g.info/showthread.php?t=1917), then there is an post-mount script where you can put all the stuff which is dependend on the HDD.

Edit: Otherwise you can use my script which is this:

#!/bin/sh
i=0
while [ $i -le 30 ]
do
if [ -d /tmp/harddisk/ftp_pub ]
then
break
fi
sleep 1
i=$i + 1
doneAnd which was posted just a few posts above yours...

I went to this topic before seing the last release by oleg....
;) ;) :rolleyes:

Bartjuh
23-03-2005, 20:24
I can't get it to work :(

I use the v1.9.2.7 CR4 [Oleg] firmware on a asus wl500gx

The directory sbin in /usr/local does not exist standard... :confused:
So i have created it. Then created the files within, checked with cat, flashfs'd, and rebooted. Checked again, all ok.
Tried different versions, including the one with the loop in it.

Copy pasted content files created: (directly from telnet)
---------------------------------------------
[admin@router root]$ cat /usr/local/sbin/post-boot
#!/bin/sh
i=0
while [ $i -le 30 ]
do
if [ -d /tmp/harddisk/ftp_pub ]
then
break
fi
sleep 1
i=$i + 1
done

busybox_httpd -p 81 -h /tmp/harddisk/web
---------------------------------------------
[admin@router sbin]$ cat /usr/local/sbin/post-firewall
iptables -D INPUT -j DROP
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 81 -j ACCEPT
iptables -t nat -A PREROUTING -i ppp0 tcp --dport 80 -j DNAT --to-destination 192.168.0.101:81
iptables -A INPUT -j DROP
-------------------------------------------

I tried creating the files in /usr/sbin , but then i got the message 'cannot create in read-only file system'.

I'm quite a linux noob :o
I have to buy a good book about it once ;)

- ftp works fine.
- can browse to harddrive, all ok.
- web directory created > /tmp/harddisk/web

Bartjuh
24-03-2005, 11:19
It works great here!... except for one thing, it doesn't start automaticly :confused:
I have to start it manually, execute post-boot with sh.
I have the newest firmware from oleg, the v1.9.2.7 CR4 [Oleg] firmware.
In which you can create a post-mount script that automaticly executes when the unit starts up... this doesn't work either..
How to let it start automaticly, i'm quite a linux noob.. but i'm learning :D

But then again, i can live with it ;)

Bartjuh
24-03-2005, 18:39
It works great, but i have to start it manually with sh :(

How to let it start automaticly? :confused:


EDIT: Ok, this is really weird :confused:

I did not see my messages, so i posted it again and again, and now they all show up at once :( ... very strange...

Arnoldm
29-03-2005, 22:20
For me it works from tha LAN side (port 81) but not from the WAN side (port 80). I am redirected to the Wireless Home Gateway Admin pages. :confused:
Any ideas ?



Code:
iptables -D INPUT -j DROP
iptables -A INPUT -p tcp --dport 81 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -t nat -A PREROUTING -i ppp0 -p tcp --dport 80 -j DNAT --to-destination 192.168.1.1:81
iptables -A INPUT -j DROP

Satleecher
01-04-2005, 21:54
WAN side works also at port 81.... (at least overhere)???? :confused: :confused: :confused:

HanSom
05-04-2005, 23:18
I can't get it to work :(

I use the v1.9.2.7 CR4 [Oleg] firmware on a asus wl500gx

The directory sbin in /usr/local does not exist standard... :confused:
So i have created it. Then created the files within, checked with cat, flashfs'd, and rebooted. Checked again, all ok.
Tried different versions, including the one with the loop in it.

ect.......


so the same problem, please give a solution :confused:

Spot
11-04-2005, 14:42
FW 1.9.2.7 CR4: perfectly working... from lan and wan.

To those who experiment problems with this howto, don't forget to "chmod +x" post-script files!


Just 2 questions left:

1. Does the wan access option (in the firewall web setup) have any influence on the final behaviour ( I let it OFF)?

2. In my web directory, I've putted my main page called "index.htm". So, I type "http://myip.dyndns.org/index.htm" to access it from wan. It would be great if I only had to "http://myip.dyndns.org" to enter this default page. I guess I have to specify it in a .conf file... Any clue for me? Yes, I know... I'm a little bit out of topic ;-)

Thanks

mao44
09-05-2005, 14:35
i have the same pb as ARNOLDM
i can't access to the web server by the port 80. I'm always redirected to the admin web page.
and i can't use the port 81, because the Firewall in my compagny block this port

Can you tell me how i can use the port 80 for my web server ?

thanks

Antiloop
09-05-2005, 14:47
i have the same pb as ARNOLDM
i can't access to the web server by the port 80. I'm always redirected to the admin web page.
and i can't use the port 81, because the Firewall in my compagny block this port

Can you tell me how i can use the port 80 for my web server ?

thanks
how are you testing this ? from your own network?

mao44
09-05-2005, 16:10
Yes and no :
i've tried from my network with the same PC (1) , an other PC (by Wifi) (2) and
from another network (in my Company) (3)

With the port 81, i can access to my web server from (1) and (2)
with the port 81, i can't access to my web server from (3) : pb with company firewall

with port 80, i've always accessed at the management interface

mao44
10-05-2005, 15:41
Hi,

is it possible to activate the Webserver on port 80 from WAN ?
and if it's possible, can i use the webserver without activate the management interface from WAN ?

thanks

kdudl
10-05-2005, 16:01
I had the same problem initially. My solution was to create an item in the virtual server list (WL500g web page > NAT Settings > Virtual server)
with:
Port range: 80
Local IP: the local (LAN side) IP address of your ASUS (f.i. 192.168.1.1)
Local port: the internal port you defined for the web server, f.i. 81
Protocol: TCP

It works for me. Try it ! No risk...

mao44
10-05-2005, 17:38
Thanks, it works now

FIB
10-05-2005, 19:48
I had the same problem initially. My solution was to create an item in the virtual server list (WL500g web page > NAT Settings > Virtual server)
with:
Port range: 80
Local IP: the local (LAN side) IP address of your ASUS (f.i. 192.168.1.1)
Local port: the internal port you defined for the web server, f.i. 81
Protocol: TCP

It works for me. Try it ! No risk...

For me this works only if I disable the firewall and then not all my unused ports are stelth. Anyone with the same problem?

As a workaround for the missing firewall I created this Virtual Server List:


Port Range Local IP Local Port Protocol
1:20 192.168.1.200 1 BOTH
22:79 192.168.1.200 1 BOTH
81:65535 192.168.1.200 1 TCP
80 192.168.1.1 8080 TCP
16384:16482 192.168.1.100 UDP

Yes my busybox_httpd WEB-server is on port 8080. 192.168.1.200 do not exist on my lan so from the WAN the ports is stelth. 192.168.1.100 is my Sipura (VoIP box).

Is this solution OK?

PS I was not able to make the "post-firewall" approach working.

kdudl
10-05-2005, 21:27
PS I was not able to make the "post-firewall" approach working.

Have you given execute rights to the post-firewall file (chmod +x post-firewall) ?

Does the text of the post-firewall file begin with #!/bin/sh ? (is necessary!)

FIB
10-05-2005, 21:48
Have you given execute rights to the post-firewall file (chmod +x post-firewall) ?

Does the text of the post-firewall file begin with #!/bin/sh ? (is necessary!) Yes and yes. At the end I managed to be unable communicate with the router if I attached the WAN cable!?! So I more or less gave up the post-firewall approach. Then I tried the GUI approach.

mao44
13-05-2005, 21:23
i have a pb with the Web server on WAN.
on LAN, it works, but from Internet, i dan't have access to the Web page

i have the same pb with telnet, i can access from LAN, but not from WAN, and i have open ports on VIRTUAL NAT

mao44
16-05-2005, 18:09
I've resolved my pb with the Web Seerveur : i've forgotten a line in post-firewall !

but, i've always the pb with the telnet access from WAN