SEARCH

Enter your search query in the box above ^, or use the forum search tool.

You are not logged in.

#1 2012-12-16 22:55:27

antiv0rtex
#! Die Hard
From: Earth
Registered: 2012-10-05
Posts: 574

Simple Apache/port-forwarding question

Good afternoon,

I am trying to set up a functional LAMP server using CrunchBang 11. My ISP (Cox Communications) seems to have blocked port 80, so I want to run the server on a different port: 8090.

My Linksys router is set up to forward like this: image.

I am wondering which Apache configuration files I need to edit in order to get Apache to let me access http://my-ip-address:8090/, and specifically what to change them to.

I know almost nothing about networking/port-forwarding/Apache, so this project has been very educational. This is the only remaining stumbling-block until I have a functioning LAMP server in my bedroom! smile

Regards,

/R3nCi/

Last edited by antiv0rtex (2012-12-16 22:55:55)

Offline

Help fund CrunchBang, donate to the project!

#2 2012-12-17 03:53:00

jst_joe
#! Junkie
From: Here, There and After
Registered: 2012-07-03
Posts: 297

Re: Simple Apache/port-forwarding question

Edit /etc/apache2/ports.conf

If your ISP doesn't block port 80 I would set your router externet port to that.
Hope that helps.

Edit: sorry just reread your OP ports.conf should do the trick,
also check /etc/apache2/apache2.conf for these lines

# Include the virtual host configurations:
Include sites-enabled/
NameVirtualHost 192.168.1.xxx:80
NameVirtualHost 192.168.1.xxx:443

and change if needed.

Last edited by jst_joe (2012-12-17 04:07:37)


A person who has a cat by the tail knows a whole lot more about cats than someone who has just read about them.
Mark Twain

Offline

#3 2012-12-26 03:49:42

antiv0rtex
#! Die Hard
From: Earth
Registered: 2012-10-05
Posts: 574

Re: Simple Apache/port-forwarding question

My apologies for the late reply; I have not had access to this server-box for the past while.

I have managed to edit ports.conf and /etc/apache2/sites-available/default in such a manner as to be able to view /var/www/index.html by accessing "http://localhost:8080" (8080 is my new 'target port' as opposed to 8090; my router's port-forwarding settings - shown in my first post - have been updated to reflect this). However, accessing IP:8080 does not show this same index.html; rather, the connection times out.

Any suggestions? smile

edit: I can post copies of my ports.conf and /etc/apache2/sites-available/default, if need be.

Last edited by antiv0rtex (2012-12-26 03:55:05)

Offline

#4 2012-12-27 05:39:37

jst_joe
#! Junkie
From: Here, There and After
Registered: 2012-07-03
Posts: 297

Re: Simple Apache/port-forwarding question

Try External Port 8080 to Internal Port 8080 on your router, also try accessing your website from http://downforme.org.
If you can access your site from the link then your router is not allowing loopback from your lan to your wan IP.
[Edit to add]
You won't view your website from the link but it will tell you if it's accessible from the internet.

Last edited by jst_joe (2012-12-27 05:44:07)


A person who has a cat by the tail knows a whole lot more about cats than someone who has just read about them.
Mark Twain

Offline

#5 2012-12-27 18:28:09

antiv0rtex
#! Die Hard
From: Earth
Registered: 2012-10-05
Posts: 574

Re: Simple Apache/port-forwarding question

jst_joe wrote:

Try External Port 8080 to Internal Port 8080 on your router, also try accessing your website from http://downforme.org.
If you can access your site from the link then your router is not allowing loopback from your lan to your wan IP.
[Edit to add]
You won't view your website from the link but it will tell you if it's accessible from the internet.

Hm. I have amended my router settings as such. Downforme is showing my IP address as being "up", but won't let me specify the non-standard port 8080 in my query so it is probably looking at my router's admin login page. isup.me is showing IP:8080 as down.

Here are the apache2 config files in question:

/etc/apache2/apache2.conf

#
# Based upon the NCSA server configuration files originally by Rob McCool.
#
# This is the main Apache server configuration file.  It contains the
# configuration directives that give the server its instructions.
# See http://httpd.apache.org/docs/2.2/ for detailed information about
# the directives.
#
# Do NOT simply read the instructions in here without understanding
# what they do.  They're here only as hints or reminders.  If you are unsure
# consult the online docs. You have been warned.  
#
# The configuration directives are grouped into three basic sections:
#  1. Directives that control the operation of the Apache server process as a
#     whole (the 'global environment').
#  2. Directives that define the parameters of the 'main' or 'default' server,
#     which responds to requests that aren't handled by a virtual host.
#     These directives also provide default values for the settings
#     of all virtual hosts.
#  3. Settings for virtual hosts, which allow Web requests to be sent to
#     different IP addresses or hostnames and have them handled by the
#     same Apache server process.
#
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path.  If the filenames do *not* begin
# with "/", the value of ServerRoot is prepended -- so "foo.log"
# with ServerRoot set to "/etc/apache2" will be interpreted by the
# server as "/etc/apache2/foo.log".
#

### Section 1: Global Environment
#
# The directives in this section affect the overall operation of Apache,
# such as the number of concurrent requests it can handle or where it
# can find its configuration files.
#

#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# NOTE!  If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read the LockFile documentation (available
# at <URL:http://httpd.apache.org/docs/2.2/mod/mpm_common.html#lockfile>);
# you will save yourself a lot of trouble.
#
# Do NOT add a slash at the end of the directory path.
#
#ServerRoot "/etc/apache2"

#
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
#
LockFile ${APACHE_LOCK_DIR}/accept.lock

#
# PidFile: The file in which the server should record its process
# identification number when it starts.
# This needs to be set in /etc/apache2/envvars
#
PidFile ${APACHE_PID_FILE}

#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300

#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On

#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100

#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 15

##
## Server-Pool Size Regulation (MPM specific)
## 

# prefork MPM
# StartServers: number of server processes to start
# MinSpareServers: minimum number of server processes which are kept spare
# MaxSpareServers: maximum number of server processes which are kept spare
# MaxClients: maximum number of server processes allowed to start
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_prefork_module>
    StartServers          5
    MinSpareServers       5
    MaxSpareServers      10
    MaxClients          150
    MaxRequestsPerChild   0
</IfModule>

# worker MPM
# StartServers: initial number of server processes to start
# MaxClients: maximum number of simultaneous client connections
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadLimit: ThreadsPerChild can be changed to this maximum value during a
#              graceful restart. ThreadLimit can only be changed by stopping
#              and starting Apache.
# ThreadsPerChild: constant number of worker threads in each server process
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_worker_module>
    StartServers          2
    MinSpareThreads      25
    MaxSpareThreads      75 
    ThreadLimit          64
    ThreadsPerChild      25
    MaxClients          150
    MaxRequestsPerChild   0
</IfModule>

# event MPM
# StartServers: initial number of server processes to start
# MaxClients: maximum number of simultaneous client connections
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: constant number of worker threads in each server process
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_event_module>
    StartServers          2
    MaxClients          150
    MinSpareThreads      25
    MaxSpareThreads      75 
    ThreadLimit          64
    ThreadsPerChild      25
    MaxRequestsPerChild   0
</IfModule>

# These need to be set in /etc/apache2/envvars
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}

#
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives.  See also the AllowOverride
# directive.
#

AccessFileName .htaccess

#
# The following lines prevent .htaccess and .htpasswd files from being 
# viewed by Web clients. 
#
<Files ~ "^\.ht">
    Order allow,deny
    Deny from all
    Satisfy all
</Files>

#
# DefaultType is the default MIME type the server will use for a document
# if it cannot otherwise determine one, such as from filename extensions.
# If your server contains mostly text or HTML documents, "text/plain" is
# a good value.  If most of your content is binary, such as applications
# or images, you may want to use "application/octet-stream" instead to
# keep browsers from trying to display binary files as though they are
# text.
#
DefaultType text/plain


#
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
#
HostnameLookups Off

# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here.  If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
ErrorLog ${APACHE_LOG_DIR}/error.log

#
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
#
LogLevel warn

# Include module configuration:
Include mods-enabled/*.load
Include mods-enabled/*.conf

# Include all the user configurations:
Include httpd.conf

# Include ports listing
Include ports.conf

#
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
# If you are behind a reverse proxy, you might want to change %h into %{X-Forwarded-For}i
#
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

# Include of directories ignores editors' and dpkg's backup files,
# see README.Debian for details.

# Include generic snippets of statements
Include conf.d/

# Include the virtual host configurations:
Include sites-enabled/

/etc/apache2/ports.conf

# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default
# This is also true if you have upgraded from before 2.2.9-3 (i.e. from
# Debian etch). See /usr/share/doc/apache2.2-common/NEWS.Debian.gz and
# README.Debian.gz

NameVirtualHost *:8080
Listen 8080

<IfModule mod_ssl.c>
    # If you add NameVirtualHost *:443 here, you will also have to change
    # the VirtualHost statement in /etc/apache2/sites-available/default-ssl
    # to <VirtualHost *:443>
    # Server Name Indication for SSL named virtual hosts is currently not
    # supported by MSIE on Windows XP.
    Listen 443
</IfModule>

<IfModule mod_gnutls.c>
    Listen 443
</IfModule>

/etc/sites-available/default

<VirtualHost *:8080>
	ServerAdmin localhost@localhost

	DocumentRoot /var/www
	<Directory />
		Options FollowSymLinks
		AllowOverride None
	</Directory>
	<Directory /var/www/>
		Options Indexes FollowSymLinks MultiViews
		AllowOverride All
		Order allow,deny
		allow from all
	</Directory>

	ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
	<Directory "/usr/lib/cgi-bin">
		AllowOverride None
		Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
		Order allow,deny
		Allow from all
	</Directory>

	ErrorLog ${APACHE_LOG_DIR}/error.log

	# Possible values include: debug, info, notice, warn, error, crit,
	# alert, emerg.
	LogLevel warn

	CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Despite the fact that this is a (very) frustrating problem, being so close and yet so far so many times has taught me A LOT about networking, servers, and Linux in general. This is fascinating!

edit: localhost:8080 and 127.0.0.1:8080 both show the default /var/www/index.html, which is good. At least I haven't hopelessly borked Apache... yet... angel

Last edited by antiv0rtex (2012-12-27 18:32:10)

Offline

#6 2012-12-28 00:24:52

jst_joe
#! Junkie
From: Here, There and After
Registered: 2012-07-03
Posts: 297

Re: Simple Apache/port-forwarding question

Everything looks OK in your config files, I'm wondering if Cox is blocking 8080 also.
Try https://www.grc.com/x/ne.dll?bh0bkyd2 you can scan selected ports, to check if they're available. Or you can install and run NMAP.

Joe


A person who has a cat by the tail knows a whole lot more about cats than someone who has just read about them.
Mark Twain

Offline

#7 2012-12-28 04:07:46

antiv0rtex
#! Die Hard
From: Earth
Registered: 2012-10-05
Posts: 574

Re: Simple Apache/port-forwarding question

jst_joe wrote:

Everything looks OK in your config files, I'm wondering if Cox is blocking 8080 also.
Try https://www.grc.com/x/ne.dll?bh0bkyd2 you can scan selected ports, to check if they're available. Or you can install and run NMAP.

Joe

GRC tells me:

----------------------------------------------------------------------

GRC Port Authority Report created on UTC: 2012-12-28 at 04:03:53

Results from scan of ports: 0, 21-23, 25, 79, 80, 110, 113, 
                            119, 135, 139, 143, 389, 443, 445, 
                            1002, 1024-1030, 1720, 5000

    0 Ports Open
    0 Ports Closed
   26 Ports Stealth
---------------------
   26 Ports Tested

ALL PORTS tested were found to be: STEALTH.

TruStealth: FAILED - ALL tested ports were STEALTH,
                   - NO unsolicited packets were received,
                   - A PING REPLY (ICMP Echo) WAS RECEIVED.

----------------------------------------------------------------------

Being no great network-expert, I'm honestly not that sure how to decode this. I can say, however, that WhatIsMyIP.org's server port scanner shows pretty much everything it looked at as being timed-out/blocked. 8080 also shows as timing out.

Offline

#8 2012-12-28 18:08:18

antiv0rtex
#! Die Hard
From: Earth
Registered: 2012-10-05
Posts: 574

Re: Simple Apache/port-forwarding question

I've changed the target-port to 4080 and edited my config files and router settings. Result:

lawrence@www:~$ /etc/init.d/apache2 reload
Reloading web server config: apache2apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName
httpd not running, trying to start
(98)Address already in use: make_sock: could not bind to address [::]:4080
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:4080
no listening sockets available, shutting down
Unable to open logs
Action 'graceful' failed.
The Apache error log may have more information.
 failed!
lawrence@www:~$ 

Offline

#9 2012-12-28 18:23:50

antiv0rtex
#! Die Hard
From: Earth
Registered: 2012-10-05
Posts: 574

Re: Simple Apache/port-forwarding question

...and yet /etc/init.d/apache2 restart goes without a hitch! 127.0.0.1:4080 and localhost:4080 both show the default Apache "It works!" page.

http://www.canyouseeme.org/ tells me that they are not detecting any service running on port 4080.

Last edited by antiv0rtex (2012-12-28 18:24:59)

Offline

#10 2012-12-28 22:30:56

antiv0rtex
#! Die Hard
From: Earth
Registered: 2012-10-05
Posts: 574

Re: Simple Apache/port-forwarding question

Well, that was somewhat stupid.

I just realized - and then confirmed by looking in the router's port-forwarding settings - that I had been forwarding port 80/4080 to the wrong (internal) IP address - 192.168.1.117 as opposed to 192.168.1.103 lol

I've changed the settings accordingly; now, I am able to access the Apache "It works" page from 127.0.0.1:4080, localhost:4080 and 192.168.1.103:4080. CanYouSeeMe.org now shows MyExternalIPAdress:4080 as "connection refused",  which I assume is just the result of some misconfiguration in my router settings or Apache config files. Any suggestions?

Offline

#11 2012-12-28 23:27:30

antiv0rtex
#! Die Hard
From: Earth
Registered: 2012-10-05
Posts: 574

Re: Simple Apache/port-forwarding question

I've posted this on LQ, as well: https://www.linuxquestions.org/question … ?p=4858745

R3nCi - LQ wrote:

Good afternoon,

I am running CrunchBang Statler (based on Debian Squeeze/Stable) on an HP Compaq dx2200 Microtower with a 250GB internal hard drive. This machine is connected to the internet via an ethernet connection, which in turn is supplied from the back of a Linksys WRT300N router with stock firmware.

I am trying to coax my apache2 server into running on port 4080. I have forwarded Externet port 4080 and Internet Port 80 to 192.168.1.103, the server-machine's internal IP address. With this setup, I am able to see the server's index.html file by the following methods of access:

localhost:4080
127.0.0.1:4080
192.168.1.103:4080

However, attempting to access the index.html file by entering my proper external IP address followed by the port number, the connection times out. canyouseeme.org shows port 4080 as timing out as well.

I'd love to have this server up and running sometime today or tommorrow, or worst-case-scenario by Tuesday if at all possible.

Any suggestions?

edit: swallowed my misgivings and posted this on forums.debian.net as well: http://forums.debian.net/viewtopic.php? … 3&p=467220

Last edited by antiv0rtex (2012-12-29 00:06:27)

Offline

#12 2012-12-29 02:04:59

jst_joe
#! Junkie
From: Here, There and After
Registered: 2012-07-03
Posts: 297

Re: Simple Apache/port-forwarding question

R3nCi wrote:

connection refused

Check the permissions on your www directory.


A person who has a cat by the tail knows a whole lot more about cats than someone who has just read about them.
Mark Twain

Offline

#13 2012-12-29 04:32:47

antiv0rtex
#! Die Hard
From: Earth
Registered: 2012-10-05
Posts: 574

Re: Simple Apache/port-forwarding question

jst_joe wrote:
R3nCi wrote:

connection refused

Check the permissions on your www directory.

All right, now I am thoroughly confused.

In researching the best permission-set to associate with /var/www/ for a public server, I came across a post which urged one to change one's DocumentRoot to /srv/www/ instead. Therefore, I cd'd to /srv/ and cd'd 'www'. I then attempted to reload Apache, which threw back some strange error about being unable to bind the sock of something to port 4080, or something to that effect (I didn't capture the message, and I don't know where to look to see if it was logged). I then did a bit of further editing to the Apache config files, and suddenly /etc/init.d/apache2 reload worked perfectly.

lawrence@www:~$ sudo /etc/init.d/apache2 reload
[sudo] password for lawrence: 
Reloading web server config: apache2apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName.
lawrence@www:~$ 

Yet accessing localhost:4080 shows me the index.html file located in /var/www/.

yikes yikes yikes

In short, I now may or may not need to check the permissions on /var/www/. I'm entirely unsure! Heeeelllllllllppppp! (<---- with as much echo and reverb as humanly possible)

Offline

#14 2012-12-29 05:32:02

antiv0rtex
#! Die Hard
From: Earth
Registered: 2012-10-05
Posts: 574

Re: Simple Apache/port-forwarding question

Interesting. localhost:4080 shows the index.html located in /var/www/, but 127.0.0.1:4080 shows the index.html from /srv/www/. The plot thickens!

Offline

#15 2012-12-29 20:11:37

antiv0rtex
#! Die Hard
From: Earth
Registered: 2012-10-05
Posts: 574

Re: Simple Apache/port-forwarding question

Well, posting this on the Debian User Forums ended better than expected, in that now I actually have a working LAMP server!

I've been trying for months to get this working, so it's a very nice feeling to see the "Index of /" visible on my public IP... finally!

Thanks to you all and to the folks at forums.debian.net!

http://waldorfworks.wirehound.com:4080/

Offline

#16 2012-12-29 21:32:29

jst_joe
#! Junkie
From: Here, There and After
Registered: 2012-07-03
Posts: 297

Re: Simple Apache/port-forwarding question

I'm getting "Iceweasel can't establish a connection to the server at waldorfworks.wirehound.com:4080" at that link.

[edit to add]:
I just read your post at http://forums.debian.net/viewtopic.php? … 3&p=467220 see if your router is capable of a dd-wrt flash. If it is you'll have much more control over port forwarding. Glad to hear you're getting positive results.

Last edited by jst_joe (2012-12-29 21:41:50)


A person who has a cat by the tail knows a whole lot more about cats than someone who has just read about them.
Mark Twain

Offline

#17 2012-12-30 07:00:29

antiv0rtex
#! Die Hard
From: Earth
Registered: 2012-10-05
Posts: 574

Re: Simple Apache/port-forwarding question

jst_joe wrote:

I'm getting "Iceweasel can't establish a connection to the server at waldorfworks.wirehound.com:4080" at that link.

Yes, I am trying to decide between setting port 4080 or 8080. Probably by the time you clicked the link I had changed it smile

edit: also, my IP appears to have changed. I borked the router and had to reset it to factory defaults; looks like I forgot to re-static-IP-ize it  roll

Last edited by antiv0rtex (2012-12-30 07:11:20)

Offline

#18 2012-12-30 20:51:54

antiv0rtex
#! Die Hard
From: Earth
Registered: 2012-10-05
Posts: 574

Re: Simple Apache/port-forwarding question

crossposted from forums.debian.net

dasein wrote:

Glad you got your problem sorted out, at least in the Very Short Term.

Now it seems to be solved in the Very Medium Term. As I posted on LQ:

I've re-thought this DMZ thing. I'm not going to do that for long; it's just too insecure. I'd much rather learn about server security using this real-life application than just take the easy way out and have to spend a lot more time in the long run stressing because someone got in and reset my root password and I don't have a backup and blah blah blah.

I'm leaving DMZ enabled for the moment, but over the next few days I plan to work on getting the port-forwarding functioning properly so that the box will still be within the router's firewall.

One of my first steps will be to install DD-WRT on my router; this will not only replace the antiquated (early 2006) Linksys firmware which currently makes everything tick, but also will be another interesting educational experience.

and shortly afterward:

Waaaaaaaaait just one second. I just disabled DMZ and everything is still working, even after a cache-clearing and restart of Iceweasel! I think I actually may have managed to get it to work without resorting to the insecure/easy DMZ method!

Could someone please try accessing http://homelampservertesting.solitary.org/ and report back? (the waldorfworks URL no longer exists)

smile

Offline

#19 2012-12-30 22:35:44

antiv0rtex
#! Die Hard
From: Earth
Registered: 2012-10-05
Posts: 574

Re: Simple Apache/port-forwarding question

Well, the folks at the Debian User Forums have proven themselves to be unpleasant yet again. The user dasein, who has been helping me along for a while now, just posted:

Ah. You're a "forum-shopper." Wish I'd known that sooner, but glad that I know it now.

After which he quoted my post, "I just disabled DMZ and everything is still working". His response:

No it isn't, at all. (I checked the URL you posted.) And there's no even remotely plausible way for it to be working unless your initial problem report was massively wrong. Best of luck to you and the folks at LQ.

How is it that you guys at crunchbang.org somehow manage to be in such a different universe (one where users are actually civil and pleasant to one another) to the Debian forums? lol

Last edited by antiv0rtex (2012-12-30 22:39:01)

Offline

#20 2012-12-31 05:01:10

jst_joe
#! Junkie
From: Here, There and After
Registered: 2012-07-03
Posts: 297

Re: Simple Apache/port-forwarding question

http://homelampservertesting.solitary.org/ is timing out for me.

R3nCi wrote:

How is it that you guys at crunchbang.org somehow manage to be in such a different universe (one where users are actually civil and pleasant to one another) to the Debian forums? lol

When you treat others with respect, you usually get the same in return.  wink


A person who has a cat by the tail knows a whole lot more about cats than someone who has just read about them.
Mark Twain

Offline

#21 2012-12-31 18:52:36

antiv0rtex
#! Die Hard
From: Earth
Registered: 2012-10-05
Posts: 574

Re: Simple Apache/port-forwarding question

jst_joe wrote:

I'm not surprised. I think I must have something set up wrong. Just a moment...

Offline

#22 2012-12-31 18:56:09

antiv0rtex
#! Die Hard
From: Earth
Registered: 2012-10-05
Posts: 574

Re: Simple Apache/port-forwarding question

Hm. My external IP:8080, localhost:8080, 127.0.0.1:8080 and my internal IP:8080 are all showing the correct index.html file when accessed from the host/server machine, but /etc/init.d/apache2 reload fails:

lawrence@www:~$ /etc/init.d/apache2 reload
Reloading web server config: apache2apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName
[Mon Dec 31 10:50:47 2012] [warn] NameVirtualHost *:0 has no VirtualHosts
httpd not running, trying to start
(98)Address already in use: make_sock: could not bind to address [::]:8080
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:8080
no listening sockets available, shutting down
Unable to open logs
Action 'graceful' failed.
The Apache error log may have more information.
 failed!
lawrence@www:~$

Offline

#23 2012-12-31 19:04:42

antiv0rtex
#! Die Hard
From: Earth
Registered: 2012-10-05
Posts: 574

Re: Simple Apache/port-forwarding question

/etc/apache2/apache2.conf

#
# Based upon the NCSA server configuration files originally by Rob McCool.
#
# This is the main Apache server configuration file.  It contains the
# configuration directives that give the server its instructions.
# See http://httpd.apache.org/docs/2.2/ for detailed information about
# the directives.
#
# Do NOT simply read the instructions in here without understanding
# what they do.  They're here only as hints or reminders.  If you are unsure
# consult the online docs. You have been warned.  
#
# The configuration directives are grouped into three basic sections:
#  1. Directives that control the operation of the Apache server process as a
#     whole (the 'global environment').
#  2. Directives that define the parameters of the 'main' or 'default' server,
#     which responds to requests that aren't handled by a virtual host.
#     These directives also provide default values for the settings
#     of all virtual hosts.
#  3. Settings for virtual hosts, which allow Web requests to be sent to
#     different IP addresses or hostnames and have them handled by the
#     same Apache server process.
#
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path.  If the filenames do *not* begin
# with "/", the value of ServerRoot is prepended -- so "foo.log"
# with ServerRoot set to "/etc/apache2" will be interpreted by the
# server as "/etc/apache2/foo.log".
#

### Section 1: Global Environment
#
# The directives in this section affect the overall operation of Apache,
# such as the number of concurrent requests it can handle or where it
# can find its configuration files.
#

#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# NOTE!  If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read the LockFile documentation (available
# at <URL:http://httpd.apache.org/docs/2.2/mod/mpm_common.html#lockfile>);
# you will save yourself a lot of trouble.
#
# Do NOT add a slash at the end of the directory path.
#
#ServerRoot "/etc/apache2"

#
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
#
LockFile ${APACHE_LOCK_DIR}/accept.lock

#
# PidFile: The file in which the server should record its process
# identification number when it starts.
# This needs to be set in /etc/apache2/envvars
#
PidFile ${APACHE_PID_FILE}

#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300

#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On

#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100

#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 15

##
## Server-Pool Size Regulation (MPM specific)
## 

# prefork MPM
# StartServers: number of server processes to start
# MinSpareServers: minimum number of server processes which are kept spare
# MaxSpareServers: maximum number of server processes which are kept spare
# MaxClients: maximum number of server processes allowed to start
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_prefork_module>
    StartServers          5
    MinSpareServers       5
    MaxSpareServers      10
    MaxClients          150
    MaxRequestsPerChild   0
</IfModule>

# worker MPM
# StartServers: initial number of server processes to start
# MaxClients: maximum number of simultaneous client connections
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadLimit: ThreadsPerChild can be changed to this maximum value during a
#              graceful restart. ThreadLimit can only be changed by stopping
#              and starting Apache.
# ThreadsPerChild: constant number of worker threads in each server process
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_worker_module>
    StartServers          2
    MinSpareThreads      25
    MaxSpareThreads      75 
    ThreadLimit          64
    ThreadsPerChild      25
    MaxClients          150
    MaxRequestsPerChild   0
</IfModule>

# event MPM
# StartServers: initial number of server processes to start
# MaxClients: maximum number of simultaneous client connections
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: constant number of worker threads in each server process
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_event_module>
    StartServers          2
    MaxClients          150
    MinSpareThreads      25
    MaxSpareThreads      75 
    ThreadLimit          64
    ThreadsPerChild      25
    MaxRequestsPerChild   0
</IfModule>

# These need to be set in /etc/apache2/envvars
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}

#
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives.  See also the AllowOverride
# directive.
#

AccessFileName .htaccess

#
# The following lines prevent .htaccess and .htpasswd files from being 
# viewed by Web clients. 
#
<Files ~ "^\.ht">
    Order allow,deny
    Deny from all
    Satisfy all
</Files>

#
# DefaultType is the default MIME type the server will use for a document
# if it cannot otherwise determine one, such as from filename extensions.
# If your server contains mostly text or HTML documents, "text/plain" is
# a good value.  If most of your content is binary, such as applications
# or images, you may want to use "application/octet-stream" instead to
# keep browsers from trying to display binary files as though they are
# text.
#
DefaultType text/plain


#
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
#
HostnameLookups Off

# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here.  If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
ErrorLog ${APACHE_LOG_DIR}/error.log

#
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
#
LogLevel warn

# Include module configuration:
Include mods-enabled/*.load
Include mods-enabled/*.conf

# Include all the user configurations:
Include httpd.conf

# Include ports listing
Include ports.conf

#
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
# If you are behind a reverse proxy, you might want to change %h into %{X-Forwarded-For}i
#
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

# Include of directories ignores editors' and dpkg's backup files,
# see README.Debian for details.

# Include generic snippets of statements
Include conf.d/

# Include the virtual host configurations:
Include sites-enabled/

_______
/etc/apache2/ports.conf

# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default
# This is also true if you have upgraded from before 2.2.9-3 (i.e. from
# Debian etch). See /usr/share/doc/apache2.2-common/NEWS.Debian.gz and
# README.Debian.gz

NameVirtualHost MyExternalIPAddress:8080
Listen 8080

<IfModule mod_ssl.c>
    # If you add NameVirtualHost *:443 here, you will also have to change
    # the VirtualHost statement in /etc/apache2/sites-available/default-ssl
    # to <VirtualHost *:443>
    # Server Name Indication for SSL named virtual hosts is currently not
    # supported by MSIE on Windows XP.
    Listen 443
</IfModule>

<IfModule mod_gnutls.c>
    Listen 443
</IfModule>

/etc/apache2/sites-available/default

<VirtualHost MyExternalIPAddress:8080>
	ServerAdmin localhost@localhost

	DocumentRoot /srv/www
	<Directory />
		Options FollowSymLinks
		AllowOverride None
	</Directory>
	<Directory /srv/www/>
		Options Indexes FollowSymLinks MultiViews
		AllowOverride All
		Order allow,deny
		allow from all
	</Directory>

	ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
	<Directory "/usr/lib/cgi-bin">
		AllowOverride None
		Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
		Order allow,deny
		Allow from all
	</Directory>

	ErrorLog ${APACHE_LOG_DIR}/error.log

	# Possible values include: debug, info, notice, warn, error, crit,
	# alert, emerg.
	LogLevel warn

	CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

_______

/etc/apache2/conf.d/virtual.conf

#
#  We're running multiple virtual hosts.
#
NameVirtualHost *

router port-forwarding settings:

http://i.imgur.com/nExKj.png
http://i.imgur.com/xwP4V.png

Last edited by antiv0rtex (2012-12-31 19:11:50)

Offline

#24 2012-12-31 22:24:46

disfarmer
#! Member
From: Youngsville, New York
Registered: 2010-01-07
Posts: 55

Re: Simple Apache/port-forwarding question

I'm not sure if I can help since, when I do get something difficult working, I'm never sure what it was that did the magic. I've got LAMPP working on my computer--I mostly use it as a testing server for websites I'm working on. But I can access it non-locally. (Uhhh, remotely, I mean).

On my router, the only thing I did was to make the change that you have on your "Single Port Forwarding" screen. My router reads a little differently but is essentially the same. If I were you, I disable that top HTTP and focus on the custom one you set up below. I'm confused why it reads "http1" in the screen shot. I would try changing it to just "HTTP". Also try reversing the Extranet / Internet settings. Change Externet to 80 and Internet to 8080. That makes more sense to me but my router labels these "Private Port" and "Public Port" so I don't know.

I didn't change any of the Apache config files that you mention. I did have to change /opt/lampp/etc/extra/httpd-xampp.conf to allow for access from locations other than 127.0.0 . But if the rest is working, you'll get a message on your browser telling you this when you try to access your website remotely.

I did not add anything to the port-range forwarding screen on the router. It doesn't seem necessary since you are only forwarding one port, not a range of ports. And maybe it conflicts with the other setting.


"Ten thousand people shouting the same thing makes it false--even if it happens to be true." - Søren Kierkegaard

Offline

Help fund CrunchBang, donate to the project!

#25 2013-01-01 01:47:00

jst_joe
#! Junkie
From: Here, There and After
Registered: 2012-07-03
Posts: 297

Re: Simple Apache/port-forwarding question

@R3nCi
Since localhost:8080 and your internal IP:8080 are working then LAMP is working.
The problem is access from the web, external to internal ports are set to the same port on my router.
I have 3 sites running on my server acc-wtn.org, ccs-wtn.com and gwrra-tn-n.org same external IP address.
Ping all 3 and you'll see, DNS and Apache take care of what site gets displayed.
Your problem seems to be with your router if you can flash dd-wrt it takes care of NAT much more efficiently.
Be careful with a dd-wrt flash though, read the forums and wiki for your router or you can BRICK it.
Hope this helps and don't get discouraged once you figure out what the problem is you'll be able to do it with your eyes closed.

Joe


A person who has a cat by the tail knows a whole lot more about cats than someone who has just read about them.
Mark Twain

Offline

Board footer

Powered by FluxBB

Copyright © 2012 CrunchBang Linux.
Proudly powered by Debian. Hosted by Linode.
Debian is a registered trademark of Software in the Public Interest, Inc.

Debian Logo