On Tue, 16 Sep 2008 17:48:48 +1000 (EST) [EMAIL PROTECTED] wrote: > > On Tue, 16 Sep 2008 [EMAIL PROTECTED] wrote:
>From a digest post, trimming a bit .. > >>> After 3 years, by apache 1.3 server quite working. It shows a > >>> PID, it's running, it can be stopped and restarted, and from FreeBSD > >>> the home page comes up using lynx http://andrsn.stanford.edu > >>> > >>> But from outside, it times out. > >>> > >>> I have run the texts for valid configuration (I haven't changed > >>> anything) and I actually rebooted the machine. The texts are okay and > >>> rebooting doesn't help. > >>> > >>> The machine is pingable. It's running FreeBSD 5.5 or so. > >>> > >>> What to do next? > >>> > >>> Annelise > >>> _______________________________________________ > >> > >> Hmm.. > >> Can it connect to the outside world at all itself? Has the network > >> changed > >> at all recently? Did the server restart at all and if so are the > >> firewall > >> rules (if any) permitting external traffic? > >> > >> You could check the apache logs to see if any external connections are > >> getting through to the box at all, too. > >> > >> Is the lynx test connecting from the same box to itself? or from another > >> FreeBSD box..? > > > >>From the same box to itself. What about from other boxes 'inside' your domain? > >> -- > >> Also, what Chris said would cover most of these. :) > >> > >> Cheers, > >> Mark > > > > Chris wrote: > > > >>Sounds like a (probebly external) firewall issue. Just because pings get > >>through, doesn't mean the http requests are. > > > > No firewall on my machine. No, but there are (hopefully :) Stanford firewall/s between you and the outside world. Might they have upgraded policy about allowing inbound port 80 connections to boxes not known/expected to be running servers? > >>I'd run ngrep or tcpdump on the console and double-check that the packets > >>are actually making it to the server. > > > >>Also, do a "sockstat -4" and make sure it's listening on the approprate > >>IP. > > > > Thank you both-- > > > > sockstat -4 show that it's listening on *:80, which is right. > > Neither tcpdump (assuming I'm reading it correcting) nor httpd-access.log > > shows any tcp packets at all getting through except when lynx is run > > from the machine on which apache is running after Sept 12 at 2:12 a.m. > > Thus, I assume packets are not getting to the server, except when > > requested from the local machine. Sounds like your machine is setup ok, but inbound tcp setup packets are apparently getting blocked upstream. > > email and ftp are working--and I can log into the machine remotely-- > > so stuff is getting out and in. tcpdump shows a lot of other activity, Specific like 'tcpdump -pn -i $iface tcp port 80' quells other noise. > > So, I'm stumped. > > > > Annelise Ok, ping and DNS look fine. I (also) can traceroute your box this far: 14 bbrb-isp.Stanford.EDU (18.104.22.168) 193.489 ms 193.562 ms 195.603 ms 15 * * * 16 * * * 17 * * * 18 * *^C I don't know whether you allow inbound traceroutes? but the question now is, how many routers between you and and bbrb-isp.Stanford.EDU ? Can you show us a 'traceroute bbrb-isp.Stanford.EDU' from your machine? > This might sound like an odd test, but try configuring it to sit on a port > other than 80 (8080, for example) and seeing if you get the same problem > there. > > Cheers, > Mark If you're thinking what I'm thinking, 8080's just as unlikely to work :) cheers, Ian _______________________________________________ firstname.lastname@example.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"