listening on ports other than 80

I have a redhat 9.0 fedora installation.
I have apache running and internet users can see my web pages.
I have the sun java systems server running and internet users cannot access my applications.
Within my LAN I can access everything.
I changed apache to listen on port 81 and set up a listener for my java apps on port 80,
then I went to an internet point outside my LAN and I was able to access the java apps
but not the web sites running under apache.
My network settings should not have changed since the installation.
The only other thing that may be causing a problem, because I am not completely sure
how it should be configured, is my proxy server (privoxy). It listens on port 8118, i.e.

listen-address     :8118

this is just so workstations on my lan can access the internet.

I need to know what and how to change to let outsiders access other ports.

Thanks,
paul.

pfcitAsked:

kidomanCommented:
Hi,

The default configured gateway on your machine is blocking you from allowing other ports to be accessible over the internet.

try this:

iptables -A INPUT -p all -i eth0 --dport 81 -j ACCEPT

where:

eth0 is the interface connected to the internet.
81 is the other port you want to allow access to.

however a more elegant way would be to modify the redhat configured firewall and allow for packets to be accepted.

Cheers,

Karan
0
pfcitAuthor Commented:
thanks a lot.
tell me more about the more elegant way
can you point me to some reasonably concise documentation on this.
paul.
0
pfcitAuthor Commented:
karan, how can i allocate points to you? i cannot see any links on this page that let one do this.
0

kidomanCommented:
hi,

the more elegant way (elegant because you are only modifying 1 line) is to modify the iptables config file in the /etc/sysconfig directory and add the appropriate parts into the file. if you observe the file for a moment, you will see the general layout of the file and can add the appropriate command there and then; you won't need to create a new file to be executed at startup. also, you could use a:

iptables-save > /etc/sysconfig/iptables

and be done. ensure that you have actually created the rule i specified before dumping the rule set into the file. it will be applied automatically the next time you start.

and about assigning the points: see a button called "Accept" next to my comment. click on that, then assign an appropriate grade, then you are done.

cheers,

karan
0
kidomanCommented:
This is where i learned my iptables: http://iptables-tutorial.frozentux.net/iptables-tutorial.html

Can't say it is very concise but definitely worth a read (or a glance or two.)

Cheers,

Karan
0

pfcitAuthor Commented:
thanks karan,

i will have to investigate the config files you mention but not today.

i typed in your suggested iptables command. it didn't like the --dport parameter so
i changed the -p parameter value from all to tcp and it accepted it. i went to a library
to access the internet and it did not let me in on that port. my url is:

http://www.hca.ath.cx which will bring up a website on the apache server (port 80)
but port 8686 which  i opened  with

     iptables -A INPUT -p tcp -i eth0 --dport 8686  -j ACCEPT

http://www.hca.ath.cx:8686 which my j2ee server is listening on still seems to be blocked.
it should present a sample j2ee app called bookstore as it does within my lan.

i think this proxy i have privoxy only monitors outgoing requests but i am not sure.

i suppose i have a challenge for the weekend. would be nice to have a second internet line
to test it though.
 
0
kidomanCommented:
hi.... one thing.

i think i know what is happening here. but i have to run to college. so i will get back to you later.

karan
0
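
Added example, not part of the thread and not any poster's code: when an ACCEPT rule appended with `iptables -A` seems to have no effect, rule order is worth checking, because iptables applies the first matching rule and `-A` places the new rule at the end of the chain. The function below reads `iptables-save` output and reports the first verdict a new inbound TCP connection to a port would reach; the sample ruleset and the names `sample_rules` and `first_verdict` are constructed for illustration, and the chain layout in the sample is an assumption, not this host's actual configuration.

```shell
#!/bin/sh
# Constructed sample in iptables-save format (not taken from the thread's host).
sample_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A INPUT -i eth0 -p tcp -m tcp --dport 8686 -j ACCEPT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# first_verdict PORT [IFACE]: read iptables-save text on stdin and print the
# first terminal verdict a NEW inbound TCP packet to PORT would reach.
# Simplified matcher: only -p, --dport, -i and --state are evaluated.
first_verdict() {
  awk -v port="$1" -v ifc="${2:-eth0}" '
    function opt(name,   i) {          # value that follows an option, or ""
      for (i = 1; i < NF; i++) if ($i == name) return $(i + 1)
      return ""
    }
    function applies(   p, d, n, s) {  # could this rule match our packet?
      p = opt("-p"); d = opt("--dport"); n = opt("-i"); s = opt("--state")
      return (p == "" || p == "tcp") && (d == "" || d == port) &&
             (n == "" || n == ifc) && (s == "" || s ~ /NEW/)
    }
    function walk(chain,   i, t, v) {  # first ACCEPT/DROP/REJECT in rule order
      for (i = 1; i <= cnt[chain]; i++) {
        t = tgt[chain, i]
        if (t == "ACCEPT" || t == "DROP" || t == "REJECT") return t
        if ((t in cnt) && (v = walk(t)) != "") return v
      }
      return ""
    }
    /^:INPUT / { policy = $2 }
    /^-A / && applies() { cnt[$2]++; tgt[$2, cnt[$2]] = opt("-j") }
    END { v = walk("INPUT"); if (v == "") v = "POLICY:" policy; print v }
  '
}

sample_rules | first_verdict 8686   # REJECT: the appended rule is never reached
```

On a live host the same check is `iptables-save | first_verdict 8686`. If it reports REJECT or DROP, the ACCEPT rule has to sit ahead of that rule, which `iptables -I` (insert) does and `-A` (append) does not.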