Posted by Hobbyist on March 22, 2005, 5:06 pm
I'm having trouble setting up a firewall (with a decent real time log
screen) that will allow access to Apache 2.0.44 through my DSL
connection. I REALLY like my Visnetic 1.2 but I can't seem to get it
to work.
First - I've followed the instructions in the help for DSL users:
http://hobbyists.no-ip.org/FWPic1.jpg
My physical ethernet adapter is set to pass all activity and my
EnterNet (PPPoE) package shows up as a dialup connection. I've
applied my rules to this adapter and everything works great (except
for incoming TCP on 80).
Second - I've set up a no-ip.com account and installed the Dynamic
Update Client to refresh hobbyists.no-ip.org to reflect my new dynamic
IP every time I connect. This works fine as well as long as I don't
enable my firewall. (i.e. I can reach my server using
http://hobbyists.no-ip.org when I use a computer at work). It also
works just fine if I switch the configuration for the "dial-up"
adapter to allow all activity rather than filtering.
Third - I've installed an anonymizing proxy (actually I've used
several different ones) in Opera so I can get around the problem of
having my local interactions with Apache resolved to localhost
(immediately after the DNS lookup of hobbyists.no-ip.org) and
therefore not going through the firewall. Here's a couple of screen
captures to show that this is working fine as well:
- Here's the entries after pulling up www.red.com:
http://hobbyists.no-ip.org/FWPic2.jpg
- Here's after www.google.ca:
http://hobbyists.no-ip.org/FWPic3.jpg
(notice the destination in both cases is the anonymizing proxy IP yet
both pages come in fine)
Here's what I get after trying to reach http://hobbyists.no-ip.org:
http://hobbyists.no-ip.org/FWPic4.jpg
Notice the 2 TCP connections out and then back from the proxy IP. The
page does not appear in my browser. Eventually Opera times out and the
proxy gives me back the "URL can not be reached" page here:
http://hobbyists.no-ip.org/FWPic5.jpg
I thought perhaps my ISP didn't allow incoming connections on port 80
but all I have to do is turn off filtering on the dialup adapter and
the page comes in fine:
http://hobbyists.no-ip.org/FWPic6.jpg
I've tried reducing my firewall to allow everything by
1. Removing blocking on all common, IP, and Other protocols:
http://hobbyists.no-ip.org/FWPic7.jpg
and
2. By adding a rule to each of the common protocol rule lists that
allows everything from everywhere.
http://hobbyists.no-ip.org/FWPic8.jpg
(Notice the rule at the top of the list. There is a similar one for
each of UDP, ICMP, ARP, and RARP as well)
Even in this "Null" configuration I still get the 2 connect attempts
out, 2 attempts back in, and no page in my browser. I turn off the
firewall (or allow all activity on the dialup adapter) and it's fine.
Any suggestions? Help? Education?
Very sincerely, thanks in advance,
Hobbyist