Date:      Thu, 1 May 2003 19:48:13 +0000
From:      Philip Reynolds <philip.reynolds@rfc-networks.ie>
To:        freebsd-ipfw@freebsd.org
Subject:   Re: ipfw + http : apache
Message-ID:  <20030501194813.GB62220@rfc-networks.ie>
In-Reply-To: <001f01c31010$5da8ca90$0a00a8c0@dzelde>
References:  <001f01c31010$5da8ca90$0a00a8c0@dzelde>

Martins Dzelde <dzelde@parks.lv> 43 lines of wisdom included:
> Hi,
> 
> Previously I installed Apache2.0, which worked fine, then I added natd and ipfw
> for internet connection sharing on the same FreeBSD box and the web server
> stopped working properly. That is, the server is running and listening to
> the address X:80, but I can't access the web content on my server.
> 
>  Now, if I turn off the firewall by
> 
> > sysctl net.inet.ip.fw.enable=0
> 
> then it works fine... from an outside computer I can access my web
> documents but cannot access them when I turn on the firewall.
> 
> I have the following rules set:
> 
> ipfw add 00100 divert natd all from any to any
> ipfw add 00200 allow ip from any to any
> 
> The Firewall default configuration is to deny all from any to any, hence
> there is the final rule
> 
> ... 65535 deny ip from any to any
> 
> when checking the ipfw counters with ipfw -a list, I get that only
> the first two are used and there is no use of the rule 65535, i.e.:
> 
> 00100    xxx    xxx    divert 8668 ip from any to any
> 00200    xxx    xxx    allow ip from any to any
> 65535    0        0        deny ip from any to any
> 
> Please, help me to allow the outside world to access my http documents.

Is NATD running?

ps auxwww | grep natd

Phil.

-- 
Philip Reynolds                      | RFC Networks Ltd.
philip.reynolds@rfc-networks.ie      | +353 (0)1 8832063
http://people.rfc-networks.ie/~phil  | www.rfc-networks.ie
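
The check suggested in this reply, as an added example that is not part of the original thread: ipfw drops packets sent to a divert port that no socket is bound to, so a "divert 8668" rule without a running natd stops traffic before the allow rule is reached. The function names, counters and ps lines below are constructed for illustration; note that a plain "grep natd" also matches the grep process itself, which the process check here avoids.

```shell
#!/bin/sh
# Added example (not from the thread). Sample data is constructed.

# Rules as posted in the thread; the counters are made up (the post shows "xxx").
SAMPLE_RULES='00100 120 9876 divert 8668 ip from any to any
00200 120 9876 allow ip from any to any
65535 0 0 deny ip from any to any'

# Constructed "ps auxwww" lines: one set with only the grep, one with natd.
SAMPLE_PS_NO_NATD='root 62301 0.0 0.1 1496 820 p0 S+ 7:48PM 0:00.00 grep natd'
SAMPLE_PS_NATD='root 214 0.0 0.2 1624 1040 ?? Ss 7:30PM 0:01.12 /sbin/natd -n fxp0
root 62301 0.0 0.1 1496 820 p0 S+ 7:48PM 0:00.00 grep natd'

# Read "ipfw list" or "ipfw -a list" output on stdin, print each divert port.
divert_ports() {
    awk '{ for (i = 2; i < NF; i++)
               if ($i == "divert") { print $(i + 1); break } }' | sort -u
}

# Read "ps auxwww" output on stdin; succeed only if the command column
# (field 11) is natd itself, so "grep natd" does not count as a match.
natd_running() {
    awk '$11 ~ /(^|\/)natd$/ { found = 1 } END { exit !found }'
}

# diagnose RULES PS_OUTPUT: return 1 when a divert rule exists but natd is absent.
diagnose() {
    ports=$(printf '%s\n' "$1" | divert_ports)
    if [ -z "$ports" ]; then
        echo "no divert rule"
        return 0
    fi
    if printf '%s\n' "$2" | natd_running; then
        echo "natd running; divert port(s): $(echo $ports)"
        return 0
    fi
    echo "divert port(s) $(echo $ports) but no natd process"
    return 1
}

# On the FreeBSD box itself (needs root for ipfw):
#   diagnose "$(ipfw list)" "$(ps auxwww)"
```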


