Apache not responding- iptables blocking it?

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> General Questions
Author Message
phoebus
DD-WRT Novice


Joined: 21 Feb 2012
Posts: 3

PostPosted: Tue Feb 21, 2012 14:44    Post subject: Apache not responding- iptables blocking it? Reply with quote
I setup webmin to https-only and installed apache using ipkg-opt. I set up apache, put it to port 8080, added user www (who can access document_root) and it *should* work but I never get response from the server.

I figured out something ust be blocking it because the connection goes to "ESTABLISHED" and after a timeout "CLOSE_WAIT". So the apache answered but the data never got to the client:
tcp 2 0 0.0.0.0:8080 0.0.0.0:* LISTEN
tcp 172 0 127.0.0.1:8080 127.0.0.1:46638 CLOSE_WAIT
tcp 302 0 192.168.1.1:8080 192.168.1.25:41756 ESTABLISHED

iptables output:
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
root@May:~# iptables -L INPUT
Chain INPUT (policy ACCEPT)
target prot opt source destination
logdrop tcp -- anywhere anywhere tcp dpt:webcache
logdrop tcp -- anywhere anywhere tcp dpt:www
logdrop tcp -- anywhere anywhere tcp dpt:https
logdrop tcp -- anywhere anywhere tcp dpt:69
logdrop tcp -- anywhere anywhere tcp dpt:ssh
logdrop tcp -- anywhere anywhere tcp dpt:telnet


Any ideas? :-S
Sponsor
phoebus
DD-WRT Novice


Joined: 21 Feb 2012
Posts: 3

PostPosted: Mon Feb 27, 2012 12:52    Post subject: Reply with quote
A bit more details...still working on this one.
-I moved apache to port 100
-iptables -I INPUT -p tcp --dport 100 -j logaccept

apache restart, check netstat- it is listening on port 100:
tcp 0 0 0.0.0.0:100 0.0.0.0:* LISTEN

Iptables logs the packet went thru:
ACCEPT IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=51768 DF PROTO=TCP SPT=53334 DPT=100 SEQ=3253437521 ACK=0 WINDOW=32792 RES=0x00 SYN URGP=0 OPT (0204

Netstat acknowledges it as established connection:

tcp 171 0 127.0.0.1:100 127.0.0.1:53335 ESTABLISHED

There is no answer, there is nothing in apache logs!

I even tried opening everything locally:
iptables -I INPUT -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT
iptables -I OUTPUT -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT

and it's not any better.

It looks like the packet got lost between kernel and apache?
Any ideas?
phoebus
DD-WRT Novice


Joined: 21 Feb 2012
Posts: 3

PostPosted: Mon Feb 27, 2012 13:12    Post subject: Reply with quote
I tried using netcat and lighttpd- apache must be broken or something as lighttpd works OK.
Kilowhisky
DD-WRT Novice


Joined: 13 Mar 2010
Posts: 9

PostPosted: Sun Jul 08, 2012 2:06    Post subject: Reply with quote
I am having this exact same issue? Can anyone help?

I would really like to use apache because it can do transparent reverse proxying really well. ( and i know how to set that up ).
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> General Questions All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum