Solved

listening on ports other than 80

Posted on 2004-11-04
Last Modified: 2010-03-18
I have a Red Hat 9.0 Fedora installation.
I have Apache running and internet users can see my web pages.
I have the Sun Java Systems server running and internet users cannot access my applications.
Within my LAN I can access everything.
I changed Apache to listen on port 81 and set up a listener for my Java apps on port 80.
Then I went to an internet point outside my LAN and I was able to access the Java apps
but not the web sites running under Apache.
My network settings should not have changed since the installation.
The only other thing that may be causing a problem, because I am not completely sure
how it should be configured, is my proxy server (Privoxy). It listens on port 8118, i.e.

listen-address     :8118

This is just so workstations on my LAN can access the internet.

I need to know what and how to change to let outsiders access other ports.

Thanks,
paul.







 






Question by:pfcit
7 Comments
 
LVL 2

Expert Comment

by:kidoman
ID: 12497933
Hi,

The default configured gateway on your machine is blocking you from allowing other ports to be accessible over the internet.

Try this:

iptables -A INPUT -p all -i eth0 --dport 81 -j ACCEPT

where:

eth0 is the interface connected to the internet.
81 is the other port you want to allow access to.

However, a more elegant way would be to modify the Red Hat configured firewall and allow for packets to be accepted.

Cheers,

Karan
0
 

Author Comment

by:pfcit
ID: 12502893
Thanks a lot.
Tell me more about the more elegant way.
Can you point me to some reasonably concise documentation on this?
paul.
0
 

Author Comment

by:pfcit
ID: 12502944
Karan, how can I allocate points to you? I cannot see any links on this page that let one do this.
0

 
LVL 2

Expert Comment

by:kidoman
ID: 12508140
hi,

The more elegant way (elegant because you are only modifying 1 line) is to modify the iptables config file in the /etc/sysconfig directory and add the appropriate parts into the file. If you observe the file for a moment, you will see the general layout of the file and add the appropriate command there and then; you won't need to create a new file to be executed at startup. Also, you could use a:

iptables-save > /etc/sysconfig/iptables

and be done. Ensure that you have actually created the rule I specified before dumping the rule set into the file. It will be applied automatically the next time you start.

And about assigning the points: see a button called "Accept" next to my comment. Click on that, then assign an appropriate grade, then you are done.

cheers,

karan
0
 
LVL 2

Accepted Solution

by:
kidoman earned 1000 total points
ID: 12508153
This is where i learned my iptables, http://iptables-tutorial.frozentux.net/iptables-tutorial.html

Can't say it is very concise, but definitely worth a read (or a glance or two).

Cheers,

Karan
0
 

Author Comment

by:pfcit
ID: 12508783
Thanks Karan,

I will have to investigate the config files you mention, but not today.

I typed in your suggested iptables command. It didn't like the --dport parameter, so
I changed the -p parameter value from all to tcp and it accepted it. I went to a library
to access the internet and it did not let me in on that port. My URL is:

http://www.hca.ath.cx which will bring up a website on the Apache server (port 80),
but port 8686, which I opened with

     iptables -A INPUT -p tcp -i eth0 --dport 8686  -j ACCEPT

http://www.hca.ath.cx:8686, which my J2EE server is listening on, still seems to be blocked.
It should present a sample J2EE app called bookstore, as it does within my LAN.

I think this proxy I have, Privoxy, only monitors outgoing requests, but I am not sure.

I suppose I have a challenge for the weekend. It would be nice to have a second internet line
to test it, though.
 
0
 
LVL 2

Expert Comment

by:kidoman
ID: 12515940
Hi... one thing.

I think I know what is happening here, but I have to run to college, so I will get back to you later.

karan
0
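
Added example, not part of the original thread: iptables evaluates a chain from top to bottom and `-A` appends to the end, so a useful check after adding a rule like the 8686 one above is to see which INPUT rule a new connection to that port hits first. The rulesets are constructed samples and `first_match` is a hypothetical helper that evaluates only `-p`, `-m tcp`, `--dport` and `-i`; the thread itself does not establish why port 8686 stayed blocked.

```shell
#!/bin/sh
# Constructed ruleset in iptables-save format (not taken from the thread).
# The ACCEPT for 8686 was appended with -A, so it follows a catch-all REJECT.
APPENDED='*filter
:INPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -i eth0 -p tcp -m tcp --dport 8686 -j ACCEPT
COMMIT'

# Same rules with the ACCEPT ahead of the REJECT, the order that
# "iptables -I INPUT 4 ..." (insert at position 4) would produce.
INSERTED='*filter
:INPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 8686 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT'

# first_match PORT [IFACE] (hypothetical helper): reads iptables-save text on
# stdin and prints "<rule number> <target>" for the first INPUT rule matching
# a new TCP connection to PORT on IFACE, or "policy <target>" if none does.
first_match() {
    awk -v port="$1" -v iface="${2:-eth0}" '
        $1 == ":INPUT" { policy = $2 }
        $1 == "-A" && $2 == "INPUT" {
            n++; ok = 1
            for (i = 3; i < NF && $i != "-j"; i += 2) {
                opt = $i; val = $(i + 1)
                if      (opt == "-p")      ok = ok && (val == "tcp" || val == "all")
                else if (opt == "-m")      ok = ok && (val == "tcp")
                else if (opt == "--dport") ok = ok && (val == port)
                else if (opt == "-i")      ok = ok && (val == iface)
                else ok = 0   # state, addresses, negation: not evaluated, rule skipped
            }
            if (ok && $i == "-j") { print n, $(i + 1); found = 1; exit }
        }
        END { if (!found) print "policy", policy }
    '
}

printf '%s\n' "$APPENDED" | first_match 8686   # 4 REJECT
printf '%s\n' "$INSERTED" | first_match 8686   # 4 ACCEPT
```

On a live host the same function can be fed the output of `iptables-save`; jumps to user-defined chains are reported as the target and are not followed.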
