thttpd problem

[jonolumb]

Check out this guide on committing changes to flash:
http://www.sprayfly.com/wiki/Committing_to_flash
Jono

[VidJa]

Hardware: WL500g with Oleg's Firmware v1.9.2.7 CR7b + 128 MB USB stick for swap and to hold pages for thttpd

This is what I want: from WAN pages served by thttpd, but no admin interface acces and admin acces from LAN. The whole point is not to have my Debian server switched on all day for the 1 or 2 requests i get per day. I'm not running any heavy stuff.

I followed the tutorals on macsat.com to install a thttpd webserver. I got the webserver working and I can access my own pages sitting on the USB stick from the LAN, however I cannot get it working from the WAN side without switching off the basic firewall rules in the admin interface.(not a wanted situation)

This is what I tried:

1) followed macsat tutorial
From WAN to <my_external_ip>:80 --> no response
From WAN to <my_external_ip>:81 --> no response
From LAN to 192.168.1.1:81-->thttpd served pages as expected
From LAN to <my_external_ip>:80-->thttpd served pages as expected
From LAN to 192.168.1.1:80-->admin interface as expected

2) switched off the basic firewall rules
result:
From WAN to <my_external_ip>:80 --> admin interface (not wanted from WAN)
From WAN to <my_external_ip>:81 --> thttpd served pages as expected
From LAN same as above

3) switched on the basic firewall rules again
removed the post-firewall script and in in admin interface:
added virtual-server on port 8000 to 192.168.1.100 to my debian server
added virtual-server on port 80 -->81 to 192.168.1.1 this should provide access to the thttpd pages
result:
From WAN to <my_external_ip>:80 --> no response
From WAN to <my_external_ip>:81 --> no response
From WAN to <my_external_ip>:8000 --> displays my pages on the debian server, so virtual server does work with other computer than router
From LAN same as all above

I also tried to forward port 80 to my debian server and that works as well.

this is the output I get in the system log when I try to access the pages sitting on the router either using port 80 or 81

Feb 3 13:42:27 kernel: DROPIN=eth1 OUT= MAC=<removed> SRC=<removed> DST=192.168.1.1 LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=33856 DF PROTO=TCP SPT=52132 DPT=81 SEQ=172141206 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A00F03A600000000001030302)

So I guess somewhere in the whole IPtables the request from the WAN gets dropped before it reaches the thttpd deamon.

Could anybody help me to solve this puzzle?

VidJa


---------------------------
Contents of /tmp/filter_rules
more filter_rules
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:MACS - [0:0]
:SECURITY - [0:0]
:logaccept - [0:0]
:logdrop - [0:0]
-A INPUT -i br0 -j MACS
-A FORWARD -i br0 -j MACS
-A SECURITY -p tcp --syn -m limit --limit 1/s -j RETURN
-A SECURITY -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s -j RETURN
-A SECURITY -p udp -m limit --limit 5/s -j RETURN
-A SECURITY -p icmp -m limit --limit 5/s -j RETURN
-A SECURITY -j logdrop
-A INPUT -m state --state INVALID -j logdrop
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -m state --state NEW -j ACCEPT
-A INPUT -i br0 -m state --state NEW -j ACCEPT
-A INPUT -i eth1 -m state --state NEW -j SECURITY
-A FORWARD -i br0 -o br0 -j ACCEPT
-A FORWARD -m state --state INVALID -j logdrop
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i eth1 -m state --state NEW -j SECURITY
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
-A INPUT -j logdrop
-A FORWARD -p tcp -m tcp -d 192.168.1.100 --dport 22 -j ACCEPT
-A FORWARD -p tcp -m tcp -d 192.168.1.1 --dport 81 -j ACCEPT
-A FORWARD -p udp --dport 6112 -j ACCEPT
-A logaccept -m state --state NEW -j LOG --log-prefix "ACCEPT " --log-tcp-sequence --log-tcp-options --log-ip-options
-A logaccept -j ACCEPT
-A logdrop -m state --state NEW -j LOG --log-prefix "DROP" --log-tcp-sequence --log-tcp-options --log-ip-options
-A logdrop -j DROP
COMMIT


Contents of /tmp/nat_rules
more nat_rules
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp -d <my_ip_address> --dport 22 -j DNAT --to 192.168.1.100
-A PREROUTING -p tcp -m tcp -d <my_ip_address> --dport 80 -j DNAT --to-destination 192.168.1.1:81
-A PREROUTING -p udp -d <my_ip_address> --sport 6112 -j NETMAP --to 192.168.1.0/24
-A POSTROUTING -p udp -s 192.168.1.0/24 --dport 6112 -j NETMAP --to <my_ip_address>
-A POSTROUTING -o eth1 ! -s <my_ip_address> -j MASQUERADE
-A POSTROUTING -o br0 -s 192.168.1.0/24 -d 192.168.1.0/24 -j MASQUERADE
COMMIT

Contents of /tmp/nat_rules
more nat_forward_rules
-A FORWARD -p tcp -m tcp -d 192.168.1.100 --dport 22 -j ACCEPT
-A FORWARD -p tcp -m tcp -d 192.168.1.1 --dport 81 -j ACCEPT
-A FORWARD -p udp --dport 6112 -j ACCEPT

[VidJa]

OK, It seems that after some reading up on IP tables the problem is solved, but in a different way than the tutorials suggest.
I don't know a lot about iptables so any suggestions are welcome from the pro's

This is what I did:
In the admin interface I set the Internet Firewall section I set Enable Firewall to 'YES'
In the Virtual Server section I enabled the virtual servers with my settings to be :

80 192.168.1.1 81 HTTP (forwards to thttpd on the router)
22 192.168.1.100 22 SSH (forwards to my LAN debian server)

then, I created a 'post-firewall script, but differently from the tutorials.

#!/bin/sh
iptables -I INPUT 7 -p tcp --dport 80 -j ACCEPT
iptables -I INPUT 8 -p tcp --dport 81 -j ACCEPT

save with the usual flashfs sequence.

the 7,8 and 9 are the places to insert in the INPUT chain as I understand correctly. It seems to be important to have the 81 in there to get connection to the internal thttpd server

After rebooting I logged in on my work server with ssh and did a wget myhomeip:80 and got the page served by thttpd.

The only drawback is now that the same page is also accessible from wget myhomeip:81
but that is no problem for me

[alpha5]

Hi there,

i´ve tried to setup a thttpd webserver with the macsat.com tutorial!
Firsttime i´ve started it, everything works fine, but now i allways get an errormessage in my /tmp/syslog.log:

Code:

Feb  4 12:03:48 thttpd[12727]: bind 0.0.0.0 - Address already in use

But it seems to be up and running:

Code:

# ps aux
...
12976 admin      2500 R   /opt/sbin/thttpd -C /opt/etc/thttpd.conf
...

But it doesn´t answear on my http request!

This is my thttpd.conf:

Code:

port=81
dir=/opt/share/www
user=nobody
nochroot
nosymlink
logfile=/opt/var/log/thttpd.log
pidfile=/opt/var/run/thttpd.pid

It is started with via the init.d script with this command:

Code:

/opt/sbin/thttpd -C /opt/etc/thttpd.conf

[mutejute]

i had the same problem and went through a lot of troubles (tried different fw versions, installing, removing, reinstalling thttpd and php-thttpd, etc...).

now php-thttpd is working fine and im also running zina mp3 server (php-based) and it streams well.

what i did was i reformat my harddisk to ext3 and that solved the problem. there is a wiki page about wl-hdd, on how to format the harddisk. cant remember the link now, but you can search the forum here.

[leadbelly]

now php-thttpd is working fine and im also running zina mp3 server (php-based) and it streams well....

mutejute! I've been trying to get zina to run on my wl500 gx for a while, but at no succes...
Are you using it to stream out only, or are you also using it to control playback and stream internally?

I'm attempting to get zina to play out to my attached usb-soundcard..
so far, no goodd :-(

[avberk]

In your file: /usr/local/sbin/post-boot

Add the following 2 lines at the bottom:


sleep 30
/opt/etc/init.d/S80thttpd start


Don't forget to do:

flashfs save
flashfs commit
flashfs enable
reboot

afterwards.


Does this help?

[oleo]

Not post-boot but rather post-mount script
and maybe set

hostname=myhostname

if you having bind problems

[ikerstges]

I have the same problem....

On my system (wl500g with Oleg's 1.9.2.7-7b), I see that /opt/etc/init.d/rc.unslung is called from my /usr/local/sbin/post-boot.

This /opt/etc/init.d/rc.unslung takes care to automatically launch every script beginning with an "S" that is in /opt/etc/init.d/. The starting script for thhtpd is /opt/etc/init.d/S80thttpd. Currently, my syslog tells:

Code:

Jan  1 01:00:20 thttpd[148]: bind 0.0.0.0 - Address already in use

I have no /usr/local/sbin/post-mount file yet.

I have tried following:
a) Renamed /opt/etc/init.d/S80thttpd into: /opt/etc/init.d/thttpd (So it will not be part of /opt/etc/init.d/rc.unslung anymore)
b) Created /usr/local/sbin/post-mount with following content:

Code:

#!/bin/sh
/opt/etc/init.d/thttpd start

And make /usr/local/sbin/post-mount executable.
c) flashfs save - flashfs commit - flashfs enable and reboot.

After the reboot, I've checked the syslog about thttpd, but there is no entry at all! (Not even an error-message?!)

Maybe I'm very newbie in my approach, but now I have the question: what should I do?
Should I keep my wl500g just as it was and only add /usr/local/sbin/post-mount?
Does the /usr/local/sbin/post-mount require in the first line a: #!/bin/sh?

[frankd]

i had the same problem and went through a lot of troubles (tried different fw versions, installing, removing, reinstalling thttpd and php-thttpd, etc...).

now php-thttpd is working fine and im also running zina mp3 server (php-based) and it streams well.

what i did was i reformat my harddisk to ext3 and that solved the problem. there is a wiki page about wl-hdd, on how to format the harddisk. cant remember the link now, but you can search the forum here.

@mutejute:

php-thttpd is running fine with me @ WL-HDD on /opt partition on harddisk, using Oleg latest 1.9.2.7-7b.

zina setup gives more trouble than joy. Saving the file zina.ini.php sets all vars to empty strings.
Please can you post your thttpd setup and your zina setup to see whether I can learn someting from those?

And perhaps it is good to state your file locations as well.

thnx in advance.

[mutejute]

frankd,

i used to have problems with oleg + php-thttpd. it dies on me always. thttpd (without php) worked fine though. then i reformatted my harddisk to ext3, that solved the problem. but it was still unstable if i simultaneously access some files thru samba, and browsing my mp3s. php-thttpd cant handle it so it will just terminate and kill itself.

for oleg firmware, im using zina-0.10.27. this version works fine, but a little bit unstable (for creating session playlist), but most of the time, its working good. you cannot save settings using oleg+php-thttpd, at least with my setup. so what i did is i installed wamp (web server) and zina in my windows xp machine. i did the zina settings there and then copied the zina.ini.php to my wl-hdd hardrive. thats the alternative way of creating a zina config file.

my www location is at /opt/share/www. inside www is zina folder. inside zina are my mp3s (artist/album structure).

zina-0.11.xx doesnt work with oleg+php-thttpd. maybe you can modify the code but its better to just use the older version such as 0.10.xx . at macsat forum, someone there is using 0.10.28, but this version is not working with my setup (playlist is broken). i tried a few versions of zina until i found what works with me, and that is 0.10.27.

right now, im using openwrt with lighttpd and php4 installed. the latest stable version of zina (0.11.22) is working great with openwrt+lighttpd+php4. zina worked out of the box! no need to mess around with the code and settings.

[mutejute]

leadbelly,

im sorry but i use zina to play mp3s on the client side and not on the server. i think zina can play mp3s on the server because there is a setting for that. for linux, it has mpg123 option.

[frankd]

frankd,

<snip>

for oleg firmware, im using zina-0.10.27. this version works fine, but a little bit unstable (for creating session playlist), but most of the time, its working good. you cannot save settings using oleg+php-thttpd, at least with my setup. so what i did is i installed wamp (web server) and zina in my windows xp machine. i did the zina settings there and then copied the zina.ini.php to my wl-hdd hardrive. thats the alternative way of creating a zina config file.

my www location is at /opt/share/www. inside www is zina folder. inside zina are my mp3s (artist/album structure).

<snip>
right now, im using openwrt with lighttpd and php4 installed. the latest stable version of zina (0.11.22) is working great with openwrt+lighttpd+php4. zina worked out of the box! no need to mess around with the code and settings.

Thanks for this info.

I will stick with Oleg's fw, because the hassle to copy my current setup in openwrt is too much

So, I'll give obsolete zina a try.

[Tamadite]

My problems became solved when I moved the following line from post-boot to post-mount

Code:

# Run all active services - active means starts with S
/opt/etc/init.d/rc.unslung

[MHz]

Hello,

Is it possible to change the ERROR 404 Page?

If yes, how?

Thanks,


PcExpert