An odd FreeBSD problem

  • Hellscythe
  • Born
  • Posts: 4

Post 3+ Months Ago

OK, I've got a FreeBSD server set up on an old PII box. I'm serving telnet, FTP, and HTTP mostly to myself and friends. All 3 services work wonderfully fast underneath the router, but outside, most of them time out. I have a Linksys BEFSR41V3 running firmware 1.05.03 with UPnP forwarding set apparently correctly to the FBSD box. Remotely, namely from school, I can access only the telnet, and on the wired portions of the network I can reach the FTP, but the HTTP times out. None of my friends can access any of the 3 services, which leads me to believe that it's not just the school connection. Would my router be slaughtering the connection, or is it a firewall problem? Maybe someone can help, because I'm thoroughly confused.

Also, and I'm just curious, is FBSD a fairly raw distro or not?
  • meman
  • Web Master
  • Posts: 3432
  • Loc: London Town , Apples and pears and all that crap

Post 3+ Months Ago

Is your router forwarding the correct ports to the correct internal IP?

Is it timing out, or saying the connection has been refused?
  • Hellscythe
  • Born
  • Posts: 4

Post 3+ Months Ago

Yeah, they're all forwarded correctly and enabled, and they're timing out, so something establishes.
  • Daemonguy
  • Moderator
  • Web Master
  • Posts: 2700
  • Loc: Somewhere outside the box in Sarasota, FL.

Post 3+ Months Ago

For the record FBSD is not a 'raw distro', but a fully matured Unix derivative; it is NOT a Linux.

As for your issue, if you are having timeouts it could be one of quite a few things.

Are you certain you have the proper ports open on the Linksys? It's not merely a matter of 'opening ports' per se, you have to NAT the connections back via some port forwarding methodology.

The very fact your FBSD box responds to systems within your own network states clearly that it functions properly. The problem must then reside on your gateway.
Are you permitting inbound ports but not outbound? Remember that just because you open port 80 inbound does not mean the web server will use port 80 on the outbound. If you don't have outbound ports enabled nothing will escape.

If you wish, you may PM me with the IP to your external connection. I will look at it more closely.

Cheers.
  • Hellscythe
  • Born
  • Posts: 4

Post 3+ Months Ago

Well, in hindsight, this probably should've gone into a website server board then....

And I don't think that there's a way on this router to explicitly forward inbound and outbound ports. However, remotely, telnet works, and is forwarded in the same way as the other two. I've tried multiple "methods" of forwarding it, but nothing but the telnet works.

I'm almost wondering if it's a FreeBSD firewall or Apache config screwup to only let local users in, because I'm having no hope with this. Does anyone know if I'm missing something in the Apache config that makes it local-only out of the box?

And for the raw comment, I know it's a wonderful Unix derivative, not Linux, but what I meant more was, is it difficult for newbies?
  • Daemonguy
  • Moderator
  • Web Master
  • Posts: 2700
  • Loc: Somewhere outside the box in Sarasota, FL.

Post 3+ Months Ago

More difficult? Hmm. Well, it's more command line driven natively. Perhaps it's not for the timid. :)

Do you have something like PF installed and running on the FBSD box? You did not mention that you might have some firewalling service in operation -- I was led to believe you relied on the Linksys for that.

It should not matter at all how you serve out of the Apache box; it IS local, that is to say if you have a 192.168. address on the backend node (the Apache box) then it's on your local LAN in a non-Internet addressable address space. If you NAT or port forward port 80 requests through the Linksys router directly to the Apache box it should answer just fine.

There's something else I had not considered; perhaps your ISP is not permitting port 80 traffic to your external IP? Have you researched your TOS with them to see if they permit a web server? It is entirely plausible that they are the ones producing your problem, provided you have correctly set port forwarding up.
ftp://ftp.linksys.com/pdf/befsr11_befsr41ug.pdf is the guide to your router.
  • Hellscythe
  • Born
  • Posts: 4

Post 3+ Months Ago

Yeah, I rely on the Linksys for firewall. However, I've got the general idea of FreeBSD, but I'm still a little new to it as far as processes and configs go. I don't know if there's a firewall set up default for it, but I haven't set one up.

I wasn't referring to serving out of the computer in "out of the box," just as in "default".

Also, I haven't thought about my ISP killing my connection. I tracerouted from a remote Unix system, and the connection only gets part of the way into my ISP's network, then it gets killed before it gets to me. lynx is the only way to access anything remotely on that system, and it won't reach the HTTP, either.
  • this213
  • Guru
  • Posts: 1260
  • Loc: ./

Post 3+ Months Ago

Connect another computer to the OUTSIDE port of the router and see if you can get to the BSD box from that. If you can, you know for a fact that your ISP is killing the connection (or some computer between your router and wherever else you're trying to connect from).

If this is the case, change your Apache config to listen on a different port, something over 1024. This will let you hit the web server with IP:PORT in your browser (http://123.123.123.123:3687).
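
The "timing out or refused" question asked earlier in the thread, together with the alternate-port test from the last post, can be checked per service with a short script. This is an added example, not part of any poster's message; the names `SERVICES`, `probe`, `diagnose` and `report` are illustrative, and 203.0.113.10 is a documentation placeholder for the external IP.

```python
import socket

# Service ports from the thread; 3687 is the alternate Apache port used as the
# example in the last post. The dict name and labels are illustrative.
SERVICES = {"ftp": 21, "telnet": 23, "http": 80, "http-alt": 3687}

HINTS = {
    "open": "handshake completed: forwarding and the service both work from here",
    "refused": "a reset came back: something answered, but nothing accepts "
               "connections on that port (service down or bound elsewhere)",
    "timeout": "no reply at all: packets are being dropped on the path "
               "(missing forward, firewall, or upstream filtering)",
    "error": "local or routing error: check the address and your own network",
}

def probe(host, port, timeout=5.0):
    """Attempt one TCP connection and classify how it ended."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"
    except (socket.timeout, TimeoutError):
        return "timeout"
    except ConnectionRefusedError:
        return "refused"
    except OSError:
        return "error"
    finally:
        sock.close()

def diagnose(host, services=SERVICES, timeout=5.0):
    """Probe every service and return {label: status}."""
    return {name: probe(host, port, timeout) for name, port in services.items()}

def report(results):
    """Turn {label: status} into readable lines, one per service."""
    return [f"{name:9s} {status:8s} {HINTS[status]}"
            for name, status in results.items()]

if __name__ == "__main__":
    import sys
    # 203.0.113.10 is a documentation placeholder; pass your own external IP.
    target = sys.argv[1] if len(sys.argv) > 1 else "203.0.113.10"
    print("\n".join(report(diagnose(target))))
```

Run it once from inside the LAN and once from an outside connection; a port that is open inside but times out outside points at the router or the ISP rather than the FreeBSD box.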

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.