Re: (clug-talk )More info... Apache server [INTRANET] from outside firewall...

[J . Rafael S�nchez]

Here's some additional info based on feedback I've received from Michael and
Curtis...

tcpdump capture from apache server while pinging from remote client while
also executing an http:// request. It looks like the apache server is
receiving the request but it's not acknowledging it ... /dev/null bucket?

19:03:29.856250 192.168.10.100 > apacheserver.domain.com: icmp: echo request
19:03:35.085713 192.168.10.100 > apacheserver.domain.com: icmp: echo request
19:03:40.096252 192.168.10.100 > apacheserver.domain.com: icmp: echo request
19:03:45.097648 192.168.10.100 > apacheserver.domain.com: icmp: echo request

Now, the http request entry here... I'm not sure what's going on! Do you
guys? As you can see it's receiving the packet from the correct box
192.168.10.100 but I dunno what's doing with it. Nor the icmp request for
that matter.

19:04:02.190346 192.168.10.100.4829 > apacheserver.domain.com.http: S
703528395:703528395(0) win 20888 <mss 1372,nop,nop,sackOK> (DF)
19:04:05.132444 192.168.10.100.4829 > apacheserver.domain.com.http: S
703528395:703528395(0) win 20888 <mss 1372,nop,nop,sackOK> (DF)
19:04:11.142748 192.168.10.100.4829 > apacheserver.domain.com.http: S
703528395:703528395(0) win 20888 <mss 1372,nop,nop,sackOK> (DF)

You tell me what you make out of this one here. It does not appear to be
running Iptables, does it?
==========================================================
[EMAIL PROTECTED] root]# iptables --list -t nat -v

Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source
destination

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source
destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
=======================================================
REMOTELY FROM VPN CLIENT - winxp home.
C:\ route print
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 c0 f0 40 7e e0 ...... VENDOR PCI Fast Ethernet Adapter (Generic) -
Packet Scheduler Miniport
0x3 ...00 60 73 eb 6f 49 ...... FIREWALLVENDOR VPN Adapter - Packet
Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     192.168.10.1  192.168.10.100   20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1   1
     192.168.10.0    255.255.255.0   192.168.10.100  192.168.10.100   20
   192.168.10.100  255.255.255.255        127.0.0.1       127.0.0.1   20
   192.168.10.255  255.255.255.255   192.168.10.100  192.168.10.100   20
    192.168.173.0    255.255.255.0     192.168.10.1  192.168.10.100   1
  xxx.xxx.xxx.xxx  255.255.255.255     192.168.10.1  192.168.10.100   1
        224.0.0.0        240.0.0.0   192.168.10.100  192.168.10.100   20
  255.255.255.255  255.255.255.255   192.168.10.100  192.168.10.100   1
  255.255.255.255  255.255.255.255   192.168.10.100               3   1
Default Gateway:      192.168.10.1
===========================================================================
Persistent Routes: None

SOME NOTES:
VENDOR PCI = substituted for real ethernet adaptor.
FIREWALLVENDOR = substituted for real firewall vendor name
xxx.xxx.xxx.xxx  = substituted for real fully routeable ip address [firewall
ip address]
192.168.10.x = my client subnet
Default Gateway = dsl/router of the shelf box.
Version of Apache running: apache-1.3.23-11 on Red Hat 7.3


Thanks again guys...
Rafael.


----- Original Message ----- 
From: "Michael Petch" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Tuesday, September 16, 2003 6:30 PM
Subject: Re: (clug-talk) Not able to see apache server [INTRANET]
fromoutside firewall...