View Full Version : How do I get past my router



Bob Willson
6th July 2005, 07:32 PM
A little bit of advice would be appreciated here. I have a permanent IP number that is assigned to my DSL connection by my ISP. I want to set up a web site on a computer that uses private IPs that are dynamically issued by the router. How do I tell the system that it should direct any HTTP call that is for 203.3.whatever to 192.168.1.whatever?

In the router it allows me to tell it to redirect all calls for port 80 to another port or even another private IP address, but as the IPs are dynamically allocated how do I know what computer gets to answer the calls.

So, in other words: my IP address is 203.3.126.224. How can I auto redirect all calls on my network to the computer which is hosting the web pages?

Grunt
6th July 2005, 08:04 PM
It depends on your router. I have a D-Link wireless router and I can configure it by going to http://192.168.0.1

There is an advanced option to configure 'Virtual Servers'
I highlighted the Virtual Server HTTP (web pages) and put in the internal IP address of the computer that hosts the website.

Your router might be completely different though.

Virtual Server
Virtual Server is used to allow Internet users access to LAN services.

Status:         Disabled (options: Enabled / Disabled)
Name:           Virtual Server HTTP
Private IP:     192.168.1.100
Protocol Type:  TCP (options: TCP / UDP / Both)
Private Port:   80
Public Port:    80
Schedule:       Always

Virtual Servers List

Name                   Private IP   Protocol      Schedule
Virtual Server FTP     0.0.0.0      TCP 21/21     always
Virtual Server HTTP    0.0.0.0      TCP 80/80     always
Virtual Server HTTPS   0.0.0.0      TCP 443/443   always
Virtual Server DNS     0.0.0.0      UDP 53/53     always

Gumby
6th July 2005, 08:07 PM
Can I add at this point that the Triton router is the best for table use ???
;)

echnidna
6th July 2005, 08:08 PM
damn, Gumby beat to the smart reply!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Gumby
6th July 2005, 08:10 PM
damn, Gumby beat to the smart reply!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Sorry Bob, it had to be said :D :D

knucklehead
6th July 2005, 08:26 PM
Bob, a lot of the routers now have tick box type setups to do this (as per Grunt's reply).
Failing that, the old fashioned (and not very elegant) way to do it would be to port forward,
i.e. port forward 203.3.126.224:8080 192.168.1.123:8080 or something similar.

craigb
6th July 2005, 09:59 PM
Do you know that in the U.K., what we call a router (IP that is) is pronounced "rooter".

At work, whenever we get a comms person straight off the plane, the first thing they have to learn is to modify their pronunciation of router. ;)

I don't know how they pronounce it in the US. :confused:

sbranden
6th July 2005, 10:29 PM
As mentioned by others it depends on your modem/ router. The internal network will probably have 192.168.0/ or 10.0.0 type ip range. You should be able to setup either bridging direct to the web server, which is what I use but a decent operating system (ie not windows) would be best, or you should be able to port forward, so all incoming requests to your static ip on port 80 go through the router directly to the web server.

The router manual, or help pages will have something on this.

cheers

shaun

doug the slug
6th July 2005, 10:44 PM
BOB,

Like table routers, computer routers need to be properly configured. They both rely on bits. In table routers you need collet spanners to change the bits, whereas on the computer router you can adjust the bits (and bytes) utilising the software. I hope this helps.

(Gumby might have beaten me to the first, and most obvious smartarse answer, but if you look deeper into the problem, there's always something left for the creative mind)

Doug

Stuart
6th July 2005, 10:58 PM
Be buggered if I understood a word of that. Not that I don't doubt it is right, I just can't seem to work out how to bypass the firewall on my router (and no- that isn't the new dust collection box either :) )

Sounds like you are trying to run a web server behind a router. I really want to be able to do that (need more space than the 50MB that my ISP allocates), but have been told to stay well clear of it because of the little bastards out there who will attack the computer within hours.

Also want to be able to get a webcam feed out through the firewall (so I can keep an eye on the pets (and yeah, I'll leave the definition of pets open to interpretation!) It may be a bit clearer when I say that I also want to hook up speakers so I can have a little chat with my dogs when they decide to dig another hole in the back yard!)

Bob Willson
7th July 2005, 11:02 AM
Thank you for the intelligent replies from those who know what I am asking and thanks also for the less helpful but still appreciated replies from some others. :)

I have a Billion Wireless ADSL Security Router. This router has similar setup properties to most others and can be configured by a page in a browser.

I went to the virtual server (port forwarding) and in there I assigned all port 80 traffic to 192.168.1.150.

Next, I went to the Linux box and set the address as a permanent address of 192.168.1.150. then rebooted Linux just to be sure.

I am running an Apache http server and so I can see that there are several instances of http servers running when I do a ps -aux.

Ifconfig tells me that it is running eth0 as 192.168.1.150 and it is not having any troubles. However, I cannot get anywhere via http either by using the 203.3.126.IP directly nor http://jwillson.apana.org.au

I can however see it all from the Windows box if I go directly to 192.168.1.150. My aborted/distorted Apache screen comes up properly.

So what am I missing?

sbranden
7th July 2005, 11:31 AM
looks like you are nearly there. The first place to look would be the router, just double check that the port forwarding is correct. Next check that apache is running on port 80 (it is the default, but I don't know your setup).

I just did a port scan on your network and port 80 came up, but i can't get to a web server, so either it is pointing to the wrong box, http is not running (you would have picked this up with the ps aux command) or there is a firewall blocking it. Have a think about those and see what you can find.
shaun@daria:~$ nmap jwillson.apana.org.au

Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2005-07-07 09:45 CST
Interesting ports on jwillson.apana.org.au (203.3.126.224):
(The 1662 ports scanned but not shown below are in state: filtered)
PORT STATE SERVICE
80/tcp open http

Nmap finished: 1 IP address (1 host up) scanned in 43.100 seconds
shaun@daria:~$ telnet jwillson.apana.org.au 80
Trying 203.3.126.224...

(this just sits there looking for a socket).

You are close to getting this working, but if you want to have a bit more fun and far more control, consider bridging the modem and using pppoe/ pppoa on the linux box with the rest of the network hiding behind this gateway. Doing this would give you good protection, while easily allowing web, mail, other servers that make you happy, and most importantly ssh. having ssh open gives you the ability to control your network from anywhere in the world.

Feel free to ask more here, or mail [email protected], or contact parsec on freenode (irc) if I can help.

shaun
Here is my quick test:
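
One way to run the "is Apache really answering on port 80 of the box the router points at" check from the post above, as an added example that is not part of the original thread: it reads `netstat -tln` output taken on the Linux box and reports whether a router forward to a given private IP and port can reach a listener. The netstat text is a constructed sample and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample of `netstat -tln` output (not taken from Bob's machine).
SAMPLE_NETSTAT='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:80            0.0.0.0:*               LISTEN
tcp        0      0 192.168.1.150:8080      0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN'

# listen_scope PORT   (netstat -tln output on stdin)
# Prints how the port is bound: any | loopback | <specific address> | none
listen_scope() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            n = split($4, parts, ":")            # port is the last ":" field
            if (parts[n] != port) next
            addr = substr($4, 1, length($4) - length(parts[n]) - 1)
            if (addr == "0.0.0.0" || addr == "::" || addr == "*") any = 1
            else if (addr ~ /^127\./ || addr == "::1")             lo = 1
            else                                                   other = addr
        }
        END {
            if (any)              print "any"
            else if (other != "") print other
            else if (lo)          print "loopback"
            else                  print "none"
        }'
}

# forward_verdict PORT TARGET_IP   (netstat -tln output on stdin)
# Can a router forward to TARGET_IP:PORT reach a listening service?
forward_verdict() {
    scope=$(listen_scope "$1")
    case "$scope" in
        any|"$2") echo "reachable" ;;          # bound to all addresses or to the target
        none)     echo "no-listener" ;;        # nothing is listening on that port
        *)        echo "wrong-bind:$scope" ;;  # listening, but not on the forwarded IP
    esac
}

# Demo on the constructed sample: forward of port 80 to 192.168.1.150.
printf '%s\n' "$SAMPLE_NETSTAT" | forward_verdict 80 192.168.1.150
```

On a live box, pipe the real `netstat -tln` output into `forward_verdict` instead of the sample.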

Bob Willson
7th July 2005, 12:30 PM
I used PuTTy to log in as root on jwillson and this is the ps -aux result.
It clearly shows that httpd is running plus a load of other stuff that I may or may not need.
As I (may have) said before, the router does have a built in firewall but I have disabled everything in it.
[root@jwillson root]# ps -aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.1 1288 484 ? S 09:49 0:04 init
root 2 0.0 0.0 0 0 ? SW 09:49 0:00 [keventd]
root 3 0.0 0.0 0 0 ? SW 09:49 0:00 [kapmd]
root 4 0.0 0.0 0 0 ? SWN 09:49 0:00 [ksoftirqd_CPU0]
root 5 0.0 0.0 0 0 ? SW 09:49 0:00 [kswapd]
root 6 0.0 0.0 0 0 ? SW 09:49 0:00 [bdflush]
root 7 0.0 0.0 0 0 ? SW 09:49 0:00 [kupdated]
root 8 0.0 0.0 0 0 ? SW< 09:49 0:00 [mdrecoveryd]
root 12 0.0 0.0 0 0 ? SW 09:49 0:00 [kjournald]
root 96 0.0 0.2 1696 948 ? S 09:49 0:00 devfsd /dev
root 186 0.0 0.0 0 0 ? SW 09:49 0:00 [khubd]
root 305 0.0 0.0 0 0 ? SW 09:49 0:00 [kjournald]
rpc 776 0.0 0.1 1416 532 ? S 09:49 0:00 portmap
root 790 0.0 0.1 1356 584 ? S 09:49 0:00 syslogd -m 0
root 798 0.0 0.3 1888 1096 ? S 09:49 0:00 klogd -2
rpcuser 842 0.0 0.2 1500 740 ? S 09:49 0:00 rpc.statd
root 857 0.0 0.1 1336 496 ? S 09:49 0:00 gpm -t imps2 -m /dev/psaux
root 875 0.0 0.1 1412 600 ? S 09:49 0:00 ypserv
xfs 976 0.0 1.3 5704 4392 ? S 09:49 0:00 xfs -port -1 -daemon -droppriv -user xfs
root 1028 0.0 0.1 1268 476 ? S 09:49 0:00 /usr/sbin/apmd -p 10 -w 5 -W -P /etc/sysconfig/apm-scripts/apmd_proxy
root 1045 0.0 0.1 1468 600 ? S 09:49 0:00 rpc.ypxfrd
daemon 1086 0.0 0.1 1312 504 ? S 09:49 0:00 /usr/sbin/atd
root 1097 0.0 0.2 2292 664 ? S 09:49 0:00 /usr/bin/kdm -nodaemon
root 1110 0.0 0.1 1500 492 ? S 09:49 0:00 saslauthd -a pam -T
root 1121 1.1 3.7 79696 11964 ? S< 09:49 1:07 /etc/X11/X -deferglyphs 16 -auth /var/run/xauth/A:0-ew4hBz
named 1126 0.0 0.6 10068 2216 ? S 09:49 0:00 named -u named
named 1127 0.0 0.6 10068 2216 ? S 09:49 0:00 named -u named
named 1128 0.0 0.6 10068 2216 ? S 09:49 0:00 named -u named
named 1132 0.0 0.6 10068 2216 ? S 09:49 0:00 named -u named
named 1137 0.0 0.6 10068 2216 ? S 09:49 0:00 named -u named
root 1143 0.0 0.4 3244 1308 ? S 09:49 0:00 -:0
root 1171 0.0 0.5 1712 1704 ? SL 09:49 0:00 ntpd -A
root 1191 0.0 0.3 2660 1244 ? S 09:49 0:00 /usr/sbin/sshd
root 1214 0.0 0.2 2068 940 ? S 09:49 0:00 xinetd -stayalive -reuse -pidfile /var/run/xinetd.pid
root 1251 0.0 0.5 4748 1692 ? S 09:49 0:00 cupsd
root 1389 0.0 0.0 0 0 ? SW 09:49 0:00 [nfsd]
root 1390 0.0 0.0 0 0 ? SW 09:49 0:00 [nfsd]
root 1391 0.0 0.0 0 0 ? SW 09:49 0:00 [nfsd]
root 1392 0.0 0.0 0 0 ? SW 09:49 0:00 [lockd]
root 1393 0.0 0.0 0 0 ? SW 09:49 0:00 [rpciod]
root 1394 0.0 0.0 0 0 ? SW 09:49 0:00 [nfsd]
root 1395 0.0 0.0 0 0 ? SW 09:49 0:00 [nfsd]
root 1396 0.0 0.0 0 0 ? SW 09:49 0:00 [nfsd]
root 1397 0.0 0.0 0 0 ? SW 09:49 0:00 [nfsd]
root 1398 0.0 0.0 0 0 ? SW 09:49 0:00 [nfsd]
root 1410 0.0 0.1 1392 480 ? S 09:49 0:00 rpc.mountd
root 1425 0.0 0.1 1296 492 ? S 09:49 0:00 rwhod
root 1435 0.0 0.1 1300 544 ? S 09:49 0:00 rwhod
root 1442 0.0 0.1 1568 476 ? S 09:49 0:00 rpc.yppasswdd
root 1581 0.0 0.3 3784 1224 ? S 09:50 0:00 /usr/lib/postfix/master
postfix 1592 0.0 0.4 3908 1332 ? S 09:50 0:00 pickup -l -t fifo -u -c
postfix 1593 0.0 0.4 3968 1392 ? S 09:50 0:00 nqmgr -l -n qmgr -t fifo -u -c
root 1727 0.0 1.2 7424 3944 ? S 09:50 0:00 httpd-perl -f /etc/httpd/conf/httpd-perl.conf -DPERLPROXIED -DHAVE_PROXY -DHAVE_ACCESS -DHAVE_
apache 1734 0.0 1.2 7532 4012 ? S 09:50 0:00 httpd-perl -f /etc/httpd/conf/httpd-perl.conf -DPERLPROXIED -DHAVE_PROXY -DHAVE_ACCESS -DHAVE_
apache 1735 0.0 1.2 7532 4012 ? S 09:50 0:00 httpd-perl -f /etc/httpd/conf/httpd-perl.conf -DPERLPROXIED -DHAVE_PROXY -DHAVE_ACCESS -DHAVE_
apache 1736 0.0 1.2 7532 4012 ? S 09:50 0:00 httpd-perl -f /etc/httpd/conf/httpd-perl.conf -DPERLPROXIED -DHAVE_PROXY -DHAVE_ACCESS -DHAVE_
apache 1737 0.0 1.2 7532 4012 ? S 09:50 0:00 httpd-perl -f /etc/httpd/conf/httpd-perl.conf -DPERLPROXIED -DHAVE_PROXY -DHAVE_ACCESS -DHAVE_
root 1743 0.0 1.0 8004 3320 ? S 09:50 0:00 httpd -DPERLPROXIED -DHAVE_PHP4 -DHAVE_SSL -DHAVE_PROXY -DHAVE_ACCESS -DHAVE_ACTIONS -DHAVE_AL
root 1750 0.0 0.4 3416 1488 ? S 09:50 0:00 /usr/bin/perl /usr/sbin/advxsplitlogfile
apache 1751 0.0 1.0 8136 3524 ? S 09:50 0:00 httpd -DPERLPROXIED -DHAVE_PHP4 -DHAVE_SSL -DHAVE_PROXY -DHAVE_ACCESS -DHAVE_ACTIONS -DHAVE_AL
apache 1752 0.0 1.1 8136 3576 ? S 09:50 0:00 httpd -DPERLPROXIED -DHAVE_PHP4 -DHAVE_SSL -DHAVE_PROXY -DHAVE_ACCESS -DHAVE_ACTIONS -DHAVE_AL
apache 1753 0.0 1.0 8136 3524 ? S 09:50 0:00 httpd -DPERLPROXIED -DHAVE_PHP4 -DHAVE_SSL -DHAVE_PROXY -DHAVE_ACCESS -DHAVE_ACTIONS -DHAVE_AL
apache 1754 0.0 1.0 8136 3524 ? S 09:50 0:00 httpd -DPERLPROXIED -DHAVE_PHP4 -DHAVE_SSL -DHAVE_PROXY -DHAVE_ACCESS -DHAVE_ACTIONS -DHAVE_AL
nobody 1789 0.0 0.4 4168 1472 ? S 09:50 0:00 proftpd (accepting connections)
root 1820 0.0 0.1 1484 624 ? S 09:50 0:00 crond
root 1839 0.0 0.6 5028 1960 ? S 09:50 0:00 smbd -D
root 1849 0.0 0.5 3800 1764 ? S 09:50 0:00 nmbd -D
root 1853 0.0 0.4 3768 1480 ? S 09:50 0:00 nmbd -D
root 1874 0.0 0.3 2476 1064 ? S 09:50 0:00 /usr/bin/lisa -c /etc/lisarc
root 2011 0.0 0.1 1248 412 vc/1 S 09:50 0:00 /sbin/mingetty tty1
root 2012 0.0 0.1 1248 412 vc/2 S 09:50 0:00 /sbin/mingetty tty2
root 2013 0.0 0.1 1248 412 vc/3 S 09:50 0:00 /sbin/mingetty tty3
root 2014 0.0 0.1 1248 412 vc/4 S 09:50 0:00 /sbin/mingetty tty4
root 2015 0.0 0.1 1248 412 vc/5 S 09:50 0:00 /sbin/mingetty tty5
root 2016 0.0 0.1 1248 412 vc/6 S 09:50 0:00 /sbin/mingetty tty6
root 2089 0.0 0.3 2384 1220 ? S 09:54 0:00 /bin/sh /usr/bin/startkde
root 2186 0.0 2.4 19544 7848 ? S 09:54 0:00 kdeinit: Running...
root 2189 0.0 2.4 19468 8004 ? S 09:54 0:00 kdeinit: dcopserver --nosid
root 2192 0.0 2.8 20640 9124 ? S 09:54 0:00 kdeinit: klauncher
root 2194 0.0 3.5 35620 11476 ? S 09:54 0:00 kdeinit: kded
root 2203 0.0 1.5 7984 5012 ? S 09:54 0:00 /usr/bin/artsd -F 10 -S 4096 -s 60 -m artsmessage -l 3 -f
root 2207 0.0 4.2 39492 13580 ? S 09:54 0:00 kdeinit: knotify
root 2208 0.0 0.0 1324 312 ? S 09:54 0:00 kwrapper ksmserver --restore
root 2210 0.0 3.5 35528 11300 ? S 09:54 0:00 kdeinit: ksmserver --restore
root 2211 0.0 4.0 36556 13012 ? S 09:54 0:01 kdeinit: kwin -session 11cb037ee0000112046986800000023290000
root 2213 0.0 5.2 41428 16956 ? S 09:54 0:01 kdeinit: kdesktop
root 2215 0.0 4.7 38328 15176 ? S 09:54 0:01 kdeinit: kicker
root 2222 0.0 3.8 36356 12304 ? S 09:54 0:00 kdeinit: kwrited
root 2223 0.0 5.0 38604 16184 ? S 09:54 0:00 kdeinit: konqueror -session 11cb037ee0000112054809300000023290055
root 2226 0.0 3.8 35708 12256 ? S 09:54 0:00 korgac --miniicon korganizer
root 2227 0.0 3.4 35452 11040 ? S 09:54 0:00 kalarmd -session 11cb037ee0000112046987300000023290006
apache 2382 0.0 1.0 8136 3528 ? S 10:09 0:00 httpd -DPERLPROXIED -DHAVE_PHP4 -DHAVE_SSL -DHAVE_PROXY -DHAVE_ACCESS -DHAVE_ACTIONS -DHAVE_AL
root 2858 0.6 2.6 15224 8588 ? S 11:21 0:01 /usr/bin/gnome-terminal
root 2860 0.0 0.7 4336 2464 ? S 11:21 0:00 /usr/lib/gconfd-2 10
root 2862 0.0 0.6 4020 2160 ? S 11:21 0:00 /usr/lib/bonobo-activation-server --ac-activate --ior-output-fd=14
root 2863 0.0 0.1 1312 492 ? S 11:21 0:00 /usr/lib/libzvt-2.0/gnome-pty-helper
root 2864 0.0 0.5 2720 1604 pts/1 S 11:21 0:00 bash
root 2902 0.1 0.5 6100 1896 ? S 11:24 0:00 /usr/sbin/sshd
root 2904 0.1 0.5 2716 1608 pts/2 S 11:24 0:00 -bash
root 2939 0.1 0.3 2264 976 pts/2 S 11:24 0:00 su
root 2940 0.4 0.4 2716 1600 pts/2 S 11:24 0:00 bash
root 2968 0.6 0.4 2716 1600 pts/2 S 11:24 0:00 bash
root 2996 0.0 0.2 2760 880 pts/2 R 11:24 0:00 ps -aux
[root@jwillson root]#

Bob Willson
7th July 2005, 12:49 PM
Router info

Grunt
7th July 2005, 12:57 PM
Silly question. From one of your other machines can you see the website on the Linux box?

Bob Willson
7th July 2005, 01:12 PM
Not so silly Grunt
I just tried and I can no longer get anywhere from the Linux machine and when I try to go to an https site from my Windows box I get told that it is an illegal or non verifiable certificate.
OK, What have I done to my system now? :(

Grunt
7th July 2005, 02:08 PM
I'd ignore the https unless you are going to accept online credit card details. The problem is you need a digital certificate which you can get but they cost money for a real one.

What happens when in your browser you go to http://192.168.1.150 (http://192.168.1.150/) from your windows PC?

Do you have a firewall set up on the Linux box?

zenwood
7th July 2005, 02:21 PM
Do you know that in the U.K., what we call a router (IP that is) is pronounced "rooter".

At work, whenever we get a comms person straight off the plane, the first thing they have to learn is to modify their pronunciation of router. ;)

I don't know how they pronounce it in the US. :confused:

Phonetically, the US pronunciation would be

rowder

Or go here

http://www.m-w.com/cgi-bin/dictionary?book=Dictionary&va=router&x=0&y=0

and click on the loudspeaker icon. (Pity she's not saying rooter:D)

I've got it: go here:

http://www.m-w.com/cgi-bin/dictionary?book=Dictionary&va=route&x=0&y=0

for a 'root'.
.
.
.
Infantile isn't it...

BTW This dictionary mentions nothing about networks, IP etc when talking about routers. I'm with Gumby: I thought this thread would be about efficient tool layout in a shed;)

Bob Willson
7th July 2005, 02:28 PM
What happens when in your browser you go to http://192.168.1.150 (http://192.168.1.150/) from your windows PC?

Do you have a firewall set up on the Linux box?

When I type in 192.168.1.150, it goes immediately to the web page at that address.
If there is a firewall running on the Linux box then it was installed by Linux itself as I have not specifically done so myself.

The browser was working fine a short while ago, before I changed its IP number and directed all http traffic on port 80 to that address.

Grunt
7th July 2005, 04:01 PM
Not sure what to do next. It's tricky when you can't play.

I'm not a Linux guru and know little about the networking side of it.

Are you saying that you can't get out to see anything from your Linux box?

I think Shaun might have more of a clue.

Bob Willson
7th July 2005, 04:05 PM
I can't even ping outside the network.
Inside is fine though; I can even see a bit of a SAMBA network on the Windows box

knucklehead
7th July 2005, 04:36 PM
Bob, I've got a bit lost on where you're up to. Looking at your port forward screen capture from the router you can not specified a source IP address (203.3.126.XX). Doesn't that mean that all traffic will be directed to the linux server? Therefore all web requests generated on the windows PCs inside the network will be delivered to the linux PC.

Is there a NAT facility on the router. If so that may work better.

Bob Willson
7th July 2005, 05:17 PM
Therefore all web requests generated on the windows PCs inside the network will be delivered to the linux PC.

Well it didn't quite happen that way.
OK because I was getting nowhere with the Linux box I undid the port redirection in the router and changed the Linux box back to DHCP. Everything works again except that nothing is visible on the web.

So the situation at present is that the router is set up as bog standard.
The router address (internally ) is 192.168.1.254
Linux box is 192.168.1.4
Windows box is 192.168.1.1

All boxes can now see the www but the www cannot see them.

pau1
7th July 2005, 05:43 PM
Bob which ISP are you using. A lot of the ISP's have blocked port 80 on their networks. Their excuse being that it stops the "code red" worm but it's also to stop people running their own web servers.

Your basic setup seems ok.

*Static IP.
*DHCP on the router.
*Dynamic addresses allocated to the machines.
*IP forwarding set to forward port 80 to the dynamically allocated address on the linux box.

What linux distro are you using? Some do install firewalls by default, normally using ipchains or iptables. Type "ipchains -L" to list any chaining rules currently running or "iptables -L" depending on what's running.

-Paul

Bob Willson
7th July 2005, 06:18 PM
Hi Paul
[root@jwillson root]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@jwillson root]#

From PuTTy connection



*IP forwarding set to forward port 80 to the dynamically allocated address on the linux box.

Not so, the address was statically allocated. Does this make a difference?

echnidna
7th July 2005, 07:51 PM
seems like you need to throw it out and get a GMC router

gatiep
7th July 2005, 08:12 PM
Do you know that in the U.K., what we call a router (IP that is) is pronounced "rooter".

At work, whenever we get a comms person straight off the plane, the first thing they have to learn is to modify their pronunciation of router. ;)

I don't know how they pronounce it in the US. :confused:
In the US it would be a "stuffer" when in quality company and when the boyz are together it would be a "**kker"

Bob Willson
7th July 2005, 11:50 PM
I checked with my ISP and they do NOT block port 80.

Rebooting Linux box now with 192.168.1.150 as a fixed IP.

OK, that works fine. Can browse the universe and beyond. Also can see web page on above from Windows box.

Now I will try telling the router to send all port 80 traffic to above number.

OK, can still see web page on Windows box and can still browse web on Linux box.

Will now try to view 203.3.126.224 on web browser. It works! Why the hell wouldn't it work before?

Will try committing the changes to router memory.

That seems to have worked too.

If anyone is still awake out there would they please try to view the page on 203.3.126.224 to make sure that it is visible to the world and let me know. Thanks

Grunt
8th July 2005, 12:01 AM
This sounds a lot like dealing with computers. It does work however. Love the site.


Welcome to the Advanced Extranet Server

Welcome to Bob Willson's computer <ECHO var="SERVER_NAME" -->!

Running version <ECHO var="SERVER_SOFTWARE" -->.

The Apache Web Server (http://www.apache.org/) software on this system may possibly be operational. Try adding content to this file and see how badly it all stuffs up.

Documentation for some standard Apache modules (http://203.3.126.224/manual/mod/index.html) is included.

Bob Willson
8th July 2005, 12:04 AM
yaaaa-bloody-hooo. :D

Yeah, great site isn't it. And I put so much thought into it as well. :D

gatiep
8th July 2005, 01:06 AM
Just another confirmation: " Bob it works!"

Bob Willson
8th July 2005, 01:24 AM
Thanks Joe. :D

Robert34
8th July 2005, 01:31 AM
If anyone is still awake out there would they please try to view the page on 203.3.126.224 to make sure that it is visible to the world and let me know. Thanks
Bob

Yes, it is working fine now. :)

Rob.

pau1
8th July 2005, 12:37 PM
Welcome to the wonderful world of IT Bob, where stuff that should work doesn't one minute and then inexplicably does the next. ;) It can be very frustrating sometimes. Good to see that it's all working though. If you are going to run this linux box as a web server I would suggest a few security measures. You may already have implemented some of these:

Restrict access to your box using tcp wrappers.

i.e Modify your /etc/hosts.deny to contain the line
ALL: ALL

This will deny everything by default
Then modify your /etc/hosts.allow to allow only the stuff you require. i.e ssh

Enable some kind of firewall.

Stop all those nasty little "script kiddies" from continually probing your web server for open ports and possible ways in. I'd suggest you run something like portsentry (http://sourceforge.net/projects/sentrytools/). When anyone tries to port scan your box, chaining rules can be automatically used to stop any further traffic from the scanning IP, this will make your server virtually disappear to anyone intent on mischief.

Good luck and remember to keep your box patched.:)
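
The default-deny TCP wrappers setup suggested above, as an added example that is not part of the original post: it writes the two files into a scratch directory and evaluates them in the documented order (a match in hosts.allow grants, otherwise a match in hosts.deny refuses, otherwise access is granted). The `192.168.1.` LAN prefix for ssh, the test client addresses and the function names are assumptions; only `ALL`, exact addresses and trailing-dot prefixes are handled.

```shell
#!/bin/sh
# Only daemons linked against libwrap (or started through tcpd from
# inetd/xinetd) consult these files. A stock Apache httpd does not, so
# port 80 still has to be controlled by the packet filter.

# write_sample_policy DIR : the policy from the post, written to DIR
write_sample_policy() {
    printf '%s\n' '# refuse everything not explicitly allowed' \
                  'ALL: ALL' > "$1/hosts.deny"
    printf '%s\n' '# ssh from the LAN only (prefix is an assumption)' \
                  'sshd: 192.168.1.' > "$1/hosts.allow"
}

# rule_matches FILE DAEMON CLIENT : exit 0 if any rule in FILE matches
rule_matches() {
    [ -f "$1" ] || return 1
    awk -v d="$2" -v c="$3" '
        function in_list(list, item, prefix_ok,    n, i, a, p) {
            n = split(list, a, /[ \t,]+/)
            for (i = 1; i <= n; i++) {
                p = a[i]
                if (p == "") continue
                if (p == "ALL" || p == item) return 1
                # "192.168.1." matches any address starting with that prefix
                if (prefix_ok && p ~ /\.$/ && index(item, p) == 1) return 1
            }
            return 0
        }
        /^[ \t]*#/ || /^[ \t]*$/ { next }        # comments and blank lines
        {
            n = split($0, f, ":")                # daemon_list : client_list
            if (n < 2) next
            if (in_list(f[1], d, 0) && in_list(f[2], c, 1)) { found = 1; exit }
        }
        END { exit !found }' "$1"
}

# tcpd_decision DAEMON CLIENT ALLOW_FILE DENY_FILE : prints allow | deny
tcpd_decision() {
    if   rule_matches "$3" "$1" "$2"; then echo allow
    elif rule_matches "$4" "$1" "$2"; then echo deny
    else echo allow    # no match in either file: access is granted
    fi
}

# Demo: portmap appears in the ps listing earlier in the thread.
demo_dir=$(mktemp -d)
write_sample_policy "$demo_dir"
for probe in "sshd 192.168.1.1" "sshd 198.51.100.7" "portmap 192.168.1.1"; do
    set -- $probe
    printf '%-8s from %-14s -> %s\n' "$1" "$2" \
        "$(tcpd_decision "$1" "$2" "$demo_dir/hosts.allow" "$demo_dir/hosts.deny")"
done
rm -rf "$demo_dir"
```

With an empty hosts.deny every unmatched service falls through to "allow", which is why the `ALL: ALL` line comes first in the advice. On a host with tcp_wrappers installed, `tcpdmatch` answers the same question against the real files.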