Andre,
Running Apache on the firewall box is not a good idea, but if this is your
only choice, place the ofllowing ipchains rule in your firewall script
before the blanket deny:
-A input -s 0/0 -d <YOUR MACHINE OUTSIDE IP HERE> 80 -i <INTERFACE HERE> -p
6 -j ACCEPT
This will let anyone (0/0 = 0.0.0.0/0 = any) go to your machine's outside
IP, on the specified interface to connect to port 80/tcp (protocol 6 = tcp)
and exchange data. If you want to log all the attempts, which is
recommended, but may not be practical for high traffic sites, you can add a
"-l" t the end of that string.
Hope this helps, and if you need any further help, don't hesitate to ask,
-Igor Gashinsky
At 11:25 PM 4/1/00 -0800, Andr� Bell wrote:
>I know this is going to sound like a dumb question to most but I don't know
>how to open port 80 when using ipchains.
>
>I am running pmfirewall and it runs beautifully at blocking access -- too
>well. I can get out to the internet 100% unrestricted but unfortunately
>all of my services are blocked from allowing anyone to get in. I am
>running apache and need to allow others to reach the web server on my linux
>box but my firewall is blocking access to that port along with nearly all
>other ports.
>
>How do I configure ipchains to allow access to my web server without
>opening the linux box up to unnecessary dangers?
>
>Yes I read the ipchains HOW-TO and if the answer is in there I missed it,
>or didn't understand. I am six months new to Linux and still learning.
>Until I installed linux nevr even seen it before, only heard about it. I
>feel proud that I've successfully installed and configured three seperate
>distributions so far as well as know a little more than how to 'point and
>click' my way through linux. Now I need to learn how to control and manage
>my firewall, among other things.
>
>Thanks for your help.
>
>Andr�
>
>
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
