|

»

openbsd user - misc

Apache box behind Openbsd

View: New views

18 Messages — Rating Filter: Alert me

	Apache box behind Openbsd by Sewan :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hi, I have an apache-php website running on windows server 2003 port 80, i have correct rdr rules that pointing my web server, i can view website inside my LAN, but i can't view page outside of my network. I've checked all dns- ip settings, everything's fine but problem continues. I've read at some forums that apache doesn't recognize rdr rules from openbsd, so how can i publish my site ? Thanks...
	Re: Apache box behind Openbsd by Johan Beisser :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message On Jan 8, 2008, at 8:05 AM, Sewan wrote: > Hi, > > I have an apache-php website running on windows server 2003 port 80, > i have > correct rdr rules that pointing my web server, i can view website > inside my > LAN, but i can't view page outside of my network. I've checked all > dns- ip > settings, everything's fine but problem continues. I've read at some > forums > that apache doesn't recognize rdr rules from openbsd, so how can i > publish > my site ? Thanks... > You could give us more information. Perhaps a copy of your pf.conf. I'd also, if I were you, look at your pflog output. either "live" on pflog0, or through the logs in /var/log.
	Re: Apache box behind Openbsd by Tim Donahue-4 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Quoting Sewan <vargrider@...>: > Hi, > > I have an apache-php website running on windows server 2003 port 80, i have > correct rdr rules that pointing my web server, i can view website inside my > LAN, but i can't view page outside of my network. I've checked all dns- ip > settings, everything's fine but problem continues. I've read at some forums > that apache doesn't recognize rdr rules from openbsd, so how can i publish > my site ? Thanks... > You have a filter rule too? Something like: pass in on $ext_if proto tcp to ($ext_if) port 80 The forums are wrong, I have several apache servers behind PF firewalls with no issues. If this doesn't work, please post a dmesg and your pf ruleset so that we actually have the information we need to help you out. -- Tim Donahue ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program.
	Re: Apache box behind Openbsd by Antti Harri :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message On Tue, 8 Jan 2008, Sewan wrote: > I have an apache-php website running on windows server 2003 port 80, i have > correct rdr rules that pointing my web server, i can view website inside my > LAN, but i can't view page outside of my network. I've checked all dns- ip > settings, everything's fine but problem continues. I've read at some forums > that apache doesn't recognize rdr rules from openbsd, so how can i publish > my site ? Thanks... Errr.. why the hell are you running Apache and PHP on Windows rather than your OpenBSD? PS. your message lacks lots of information concerning your configuration. -- Antti Harri
	Re: Apache box behind Openbsd by Sewan :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message i have rdr on $ext_if proto tcp to 212.175.219.188/32 port 80 -> 172.15.254.207 rule for this operation, if i use same rdr rule with changing destination ip to an iis web server inside LAN, it works, but when i change to this web server (2003-apache-php one) it don't work Johan Beisser wrote: On Jan 8, 2008, at 8:05 AM, Sewan wrote: > Hi, > > I have an apache-php website running on windows server 2003 port 80, > i have > correct rdr rules that pointing my web server, i can view website > inside my > LAN, but i can't view page outside of my network. I've checked all > dns- ip > settings, everything's fine but problem continues. I've read at some > forums > that apache doesn't recognize rdr rules from openbsd, so how can i > publish > my site ? Thanks... > You could give us more information. Perhaps a copy of your pf.conf. I'd also, if I were you, look at your pflog output. either "live" on pflog0, or through the logs in /var/log.
	Re: Apache box behind Openbsd by Dag Richards :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Sewan wrote: > Hi, > > I have an apache-php website running on windows server 2003 port 80, i have > correct rdr rules that pointing my web server, i can view website inside my > LAN, but i can't view page outside of my network. I've checked all dns- ip > settings, everything's fine but problem continues. I've read at some forums > that apache doesn't recognize rdr rules from openbsd, so how can i publish > my site ? Thanks... > You read somewhere that ... what? Oh riiiiight you need to have Linux rdr rules, make sure your database is blue too, that make them faster. Some actual information is required. Try posting say your pf.conf file
	Re: Apache box behind Openbsd by BOFH-5 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message There's the possibility that the isp blocks it. I'm using fios - and inbound 80 is blocked. On 1/8/08, johan beisser <jb@...> wrote: > On Jan 8, 2008, at 8:05 AM, Sewan wrote: > > > Hi, > > > > I have an apache-php website running on windows server 2003 port 80, > > i have > > correct rdr rules that pointing my web server, i can view website > > inside my > > LAN, but i can't view page outside of my network. I've checked all > > dns- ip > > settings, everything's fine but problem continues. I've read at some > > forums > > that apache doesn't recognize rdr rules from openbsd, so how can i > > publish > > my site ? Thanks... > > > > You could give us more information. Perhaps a copy of your pf.conf. > > I'd also, if I were you, look at your pflog output. either "live" on > pflog0, or through the logs in /var/log. > > -- Sent from Gmail for mobile \| mobile.google.com http://www.glumbert.com/media/shift http://www.youtube.com/watch?v=tGvHNNOLnCk "This officer's men seem to follow him merely out of idle curiosity." -- Sandhurst officer cadet evaluation. "Securing an environment of Windows platforms from abuse - external or internal - is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted." -- Gene Spafford learn french: http://www.youtube.com/watch?v=j1G-3laJJP0&feature=related
	Re: Apache box behind Openbsd by Dusty-7 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message My response was similar. Throw away our windows box and put your site on the bsd box. On Jan 8, 2008 7:00 PM, Antti Harri <iku@...> wrote: > On Tue, 8 Jan 2008, Sewan wrote: > > > I have an apache-php website running on windows server 2003 port 80, i > have > > correct rdr rules that pointing my web server, i can view website inside > my > > LAN, but i can't view page outside of my network. I've checked all dns- > ip > > settings, everything's fine but problem continues. I've read at some > forums > > that apache doesn't recognize rdr rules from openbsd, so how can i > publish > > my site ? Thanks... > > Errr.. why the hell are you running Apache and PHP on Windows rather > than your OpenBSD? > > PS. your message lacks lots of information concerning your > configuration. > > -- > Antti Harri
	Re: Apache box behind Openbsd by Daniel Ouellet :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message > Errr.. why the hell are you running Apache and PHP on Windows rather > than your OpenBSD? Because Stallman make it easy to run HIS version of SUPPOSE free software one Windows. That's why. Stallman as the various treads pointed out many times over, he (Richard) tell everyone else to do things, but he doesn't do it himself.
	Re: Apache box behind Openbsd by Darrin Chandler :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message On Tue, Jan 08, 2008 at 09:04:03AM -0800, Sewan wrote: > i have > > rdr on $ext_if proto tcp to 212.175.219.188/32 port 80 -> 172.15.254.207 > > rule for this operation, if i use same rdr rule with changing destination ip > to an iis web server inside LAN, it works, but when i change to this web > server (2003-apache-php one) it don't work That's a beginning, but it's still not enough information... Since you have "rdr on ..." instead of "rdr pass on ..." then traffic must be allowed some other way? Perhaps you have a pass rule elsewhere? Or you pass by default? It's impossible to tell without seeing more. If you have a pass rule elsewhere that allows traffic to your IIS box, maybe it's not allowing it for the apache box? -- Darrin Chandler \| Phoenix BSD User Group \| MetaBUG dwchandler@... \| http://phxbug.org/ \| http://metabug.org/ http://www.stilyagin.com/ \| Daemons in the Desert \| Global BUG Federation
	Re: Apache box behind Openbsd by Peter N. M. Hansteen-3 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Sewan <vargrider@...> writes: > rdr on $ext_if proto tcp to 212.175.219.188/32 port 80 -> 172.15.254.207 the next question then is, what's the matching pass rule? > rule for this operation, if i use same rdr rule with changing destination ip > to an iis web server inside LAN, it works, but when i change to this web > server (2003-apache-php one) it don't work once again, take a very close look at your pass rules. it could even be that the redirected traffic matches that a different pass rule than you think, and the traffic that doesn't pass matches no pass rule. tcpdump is your friend, and ruleset walkthroughs can be fun as well as enlightening. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
	Re: Apache box behind Openbsd by Eric Furman-3 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message On Tue, 08 Jan 2008 13:58:37 -0500, "Daniel Ouellet" <daniel@...> said: > > Errr.. why the hell are you running Apache and PHP on Windows rather > > than your OpenBSD? > > Because Stallman make it easy to run HIS version of SUPPOSE free > software one Windows. That's why. Stallman as the various treads pointed > out many times over, he (Richard) tell everyone else to do things, but > he doesn't do it himself. If you are going to post stuff like this please cc Richard.
	Re: Apache box behind Openbsd by Nick Ryan :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Make sure that the windows 2003 firewall isn't set up to block web access. It's caught me out before in the past, although that was on SBS2003. See if you can telnet to port 80 from the OpenBSD firewall to the external interface on the windows box. On 8 Jan 2008, at 17:04, Sewan wrote: > i have > > rdr on $ext_if proto tcp to 212.175.219.188/32 port 80 -> > 172.15.254.207 > > rule for this operation, if i use same rdr rule with changing > destination ip > to an iis web server inside LAN, it works, but when i change to this > web > server (2003-apache-php one) it don't work > > > > > > Johan Beisser wrote: >> >> On Jan 8, 2008, at 8:05 AM, Sewan wrote: >> >>> Hi, >>> >>> I have an apache-php website running on windows server 2003 port 80, >>> i have >>> correct rdr rules that pointing my web server, i can view website >>> inside my >>> LAN, but i can't view page outside of my network. I've checked all >>> dns- ip >>> settings, everything's fine but problem continues. I've read at some >>> forums >>> that apache doesn't recognize rdr rules from openbsd, so how can i >>> publish >>> my site ? Thanks... >>> >> >> You could give us more information. Perhaps a copy of your pf.conf. >> >> I'd also, if I were you, look at your pflog output. either "live" on >> pflog0, or through the logs in /var/log. >> >> >> > > -- > View this message in context: http://www.nabble.com/Apache-box-behind-Openbsd-tp14692638p14693822.html > Sent from the openbsd user - misc mailing list archive at Nabble.com.
	Re: Apache box behind Openbsd by Bugzilla from daniel@dattrix.com :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Aside from missing pass, you seem to be using network notation on this rule, not sure why..but do this instead: rdr pass on $ext_if proto tcp to $ext_if port 80 -> 172.15.254.207 Assuming your $ext_if has one IP and you want that IP to go internal. If your $ext_if has multiple addresses, well then just just that IP without the /32: rdr pass on $ext_if proto tcp to 212.175.219.188 port 80 -> 172.15.254.207 On Tuesday 08 January 2008 09:04:03 am Sewan wrote: >i have > >rdr on $ext_if proto tcp to 212.175.219.188/32 port 80 -> 172.15.254.207 > >rule for this operation, if i use same rdr rule with changing destination ip >to an iis web server inside LAN, it works, but when i change to this web >server (2003-apache-php one) it don't work
	Re: Apache box behind Openbsd by Predrag Punosevac :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message If you are using Apache on the home network you definitely want to check up your modem. I use DSL modem (in USA ) and port 80 is blocked by default. It is trivial though to log into your router (it has a web management) and adjust build in firewall and ports. Speaking of which they suck and I would pass all traffic through OpenBSD box no matter what you do behind. As a matter of fact all my machines (7 in total) except one (media box with Tunapie and Miro running FreeBSD) happily run OpenBSD. Best, Predrag bofh wrote: > There's the possibility that the isp blocks it. I'm using fios - and > inbound 80 is blocked. > > > > On 1/8/08, johan beisser <jb@...> wrote: > >> On Jan 8, 2008, at 8:05 AM, Sewan wrote: >> >> >>> Hi, >>> >>> I have an apache-php website running on windows server 2003 port 80, >>> i have >>> correct rdr rules that pointing my web server, i can view website >>> inside my >>> LAN, but i can't view page outside of my network. I've checked all >>> dns- ip >>> settings, everything's fine but problem continues. I've read at some >>> forums >>> that apache doesn't recognize rdr rules from openbsd, so how can i >>> publish >>> my site ? Thanks... >>> >>> >> You could give us more information. Perhaps a copy of your pf.conf. >> >> I'd also, if I were you, look at your pflog output. either "live" on >> pflog0, or through the logs in /var/log.
	Re: Apache box behind Openbsd by Nick Guenther :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message On 1/8/08, Sewan <vargrider@...> wrote: > i have > > rdr on $ext_if proto tcp to 212.175.219.188/32 port 80 -> 172.15.254.207 > > rule for this operation, if i use same rdr rule with changing destination ip > to an iis web server inside LAN, it works, but when i change to this web > server (2003-apache-php one) it don't work > > Can you get at the windows web server from inside the router itself? -Nick
	Re: Apache box behind Openbsd by Unix Fan :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Daniel Ouellet wrote: > Antti Harri wrote: > > Errr.. why the hell are you running Apache and PHP on Windows rather > > than your OpenBSD? > > Because Stallman make it easy to run HIS version of SUPPOSE free > software one Windows. That's why. Stallman as the various treads pointed > out many times over, he (Richard) tell everyone else to do things, but > he doesn't do it himself. While I agree with your anti-Stallmanism attitude, neither Apache or PHP are licenced under the GPL.. in fact, both are BSD-like in some way. http://www.apache.org/licenses/LICENSE-1.0 http://www.apache.org/licenses/LICENSE-1.1 http://www.apache.org/licenses/LICENSE-2.0 http://www.php.net/license/3_01.txt -Nix Fan.
	Re: Apache box behind Openbsd by Whyzzi :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Did you follow 6.2.7 part of the OpenBSD F.A.Q.? http://www.openbsd.org/faq/faq6.html#Setup.forward Cheers, PV On 08/01/2008, Sewan <vargrider@...> wrote: > Hi, > > I have an apache-php website running on windows server 2003 port 80, i have > correct rdr rules that pointing my web server, i can view website inside my > LAN, but i can't view page outside of my network. I've checked all dns- ip > settings, everything's fine but problem continues. I've read at some forums > that apache doesn't recognize rdr rules from openbsd, so how can i publish > my site ? Thanks... > > -- > View this message in context: http://www.nabble.com/Apache-box-behind-Openbsd-tp14692638p14692638.html > Sent from the openbsd user - misc mailing list archive at Nabble.com.