Topic: Broken HTTP port 80 in 6.0b3 and 5.6

[Beat]

I'm having troubles with port 80 on two e-smith servers.

On server one (sme 5.6) suddenly I couldn't access my website anymore from outside. No log entries which would provide some clue. From inside everything works perfectly. Also other stuff like Apple iChat works through the server (cable, server and gateway mode, no suspicious entries in any log file, good hardware etc.)

Made some portscans from outside and indeed, no port 80. Called cable provider, said that they didn't block anything (like it was ever since).

Then comes server two into the play. I set it up with 6.0beta3 to see whether version 5.6 was the problem. And again the same, from inside everything works, from outside not.

I then fired up Apache on my iBook (thank god this is so easy) and made a port forward (from port 80 to port 80) to it, still with 6.0b3 as server and gateway. Unbelieveable but this works but is no solution because I need the iBook on the road....

The only indication with 6.0b3 what could be wrong are entries in "messages" like the following:
Oct 10 18:29:06 chef kernel: denylog:IN=eth1 OUT= MAC=00:60:97:4b:b2:60:00:02:b9:66:68:54:08:00 SRC=61.211.x.y DST=194.208.x.y LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=55460 DF PROTO=TCP SPT=2553 DPT=6346 WINDOW=8192 RES=0x00 SYN URGP=0
Oct 10 18:29:09 chef kernel: denylog:IN=eth1 OUT= MAC=00:60:97:4b:b2:60:00:02:b9:66:68:54:08:00 SRC=61.211.x.y DST=194.208.x.y LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=38309 DF PROTO=TCP SPT=2553 DPT=6346 WINDOW=8192 RES=0x00 SYN URGP=0
Oct 10 18:29:15 chef kernel: denylog:IN=eth1 OUT= MAC=00:60:97:4b:b2:60:00:02:b9:66:68:54:08:00 SRC=61.211.x.y DST=194.208.x.y LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=49062 DF PROTO=TCP SPT=2553 DPT=6346 WINDOW=8192 RES=0x00 SYN URGP=0

Does anyone have any hints? I read in another thread that someone is having the same or a similar problem with 6.0b3. If I forgot to mention something important, please ask back. I don't know what to do next.

Thanks for any help,
Beat

[Peter]

Winging this a bit but here goes...

1. The port 80 question, just to clarify you set up a 6b3 server then port forwarded to your iBook and then the webpages could be viewed from the internet?

2. The denylog thing is mentioned in another post and the opinion there was that they are DHCP type requests. The previous posts thought these might be from the cable ISP. I have a ADSL connection and have the same messages but from mutliple different IP's so I think these are logged DHCP request from other people on the ISP's network, i.e. other peoples machines are broadcasting for an address or updates from a DHCP server - your sme server is one but presumably its turned off, but it is still logging the requests anyway.

Peter.

[Beat]

1. Yes, I forwarded with 6.0b3 (because in 5.x there was no forwarding without contribs messing, this was also the main reason I tried 6.0b3). The forwarding to my iBook worked. Since then I messed around with network cards, changed the external nic's netmask from .../24 to /16 and recreated iBays. I'm not sure if the netmask change did something good but now it works more or less. I still can't access virtual domains properly so I just copied the ibay contents over to the primary ibay.
I also learned that way that "lynx" and "links" are not very useful when testing virtual domains. I think they somehow got confused with them and didn't let me in. If I had tested with a "big" browser I may have worked I suspect.

I have had not that much time trying to figure out the exact cause in this case but I now think that it isn't a bug in sme server. It's more related to my netmask problem and/or links/lynx.

2. I'm not sure if these are DHCP type requests. I had an eye on my "messages" log file and I get various sizes of requests with many different source and destination ports. Sometimes only seconds apart from the same IP (with equal sizes, then). A closer look at the lines makes me believe that the requests are from P2P sharing programs. And they have probably nothing to do with my problem #1.

Thanks for answering!

[Peter]

Think you are right about both questions!

Peter.

[Charlie Brady]

Beat wrote:

> Then comes server two into the play. I set it up with
> 6.0beta3 to see whether version 5.6 was the problem. And
> again the same, from inside everything works, from outside not.
...
> Does anyone have any hints? I read in another thread that
> someone is having the same or a similar problem with 6.0b3.

As has been said here numerous times. Anything which should work which doesn't should be reported in detail to smebugs@mitel.com.

Charlie

[Beat]

I know that bug reports should go directly to mitel but I don't want to mess up with something that probably is just my fault. Therefore I consulted the forum first. As it now turns out it _was_ my fault (netmask) but I'm not 100% sure. There were different things going wrong at the same time (I had to change one nic, my provider had some problems and even then a hard drive died). If I get any additional insights I'll report them.

Thanks anyway for the hints.