View previous topic :: View next topic |
Author |
Message |
Verted Guru
Joined: 09 Apr 2004 Posts: 480 Location: London, England
|
Posted: Sat Sep 03, 2016 7:08 pm Post subject: Unable to access Apache over LAN |
|
|
I have a headless install which I access from my MacBook via SSH. I have successfully installed Apache - confirmed by navigating to http://127.0.0.1/ in the Links browser.
However I do not seem to be able to access this from the web browser on my MacBook when I try to navigate to http://192.168.0.6 (the LAN IP for the CentOS computer). I get an error message saying that Safari cannot connect to the server.
In my httpd.conf file, Listen is set to 80.
What am I doing wrong? Or is there another way that I should be trying to access this other than the LAN IP? _________________ Thanks,
-Verted |
|
Back to top |
|
|
Buffoon Veteran
Joined: 17 Jun 2015 Posts: 1369 Location: EU or US
|
Posted: Sat Sep 03, 2016 7:11 pm Post subject: |
|
|
Does CentOS come with firewall enabled by default? |
|
Back to top |
|
|
Verted Guru
Joined: 09 Apr 2004 Posts: 480 Location: London, England
|
Posted: Sat Sep 03, 2016 7:15 pm Post subject: |
|
|
I believe it does - by i've checked and port 80 is open.
Code: | [root@centos-rpi3 ~]# nmap 192.168.0.6
Starting Nmap 6.40 ( http://nmap.org ) at 2016-09-03 19:15 UTC
Nmap scan report for 192.168.0.6
Host is up (0.00012s latency).
Not shown: 997 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
3306/tcp open mysql
Nmap done: 1 IP address (1 host up) scanned in 0.71 seconds |
_________________ Thanks,
-Verted |
|
Back to top |
|
|
NeddySeagoon Administrator
Joined: 05 Jul 2003 Posts: 54237 Location: 56N 3W
|
Posted: Sat Sep 03, 2016 7:25 pm Post subject: |
|
|
Verted,
Hey Verted, long time no see. Welcome back to Gentoo.
Apache normally listens on 127.0.0.1, which is safe, if not very useful.
You need to set ServerName in httpd.conf as, say Code: | ServerName bloodnoc.org | That's a real one, you can browse that if you wish, it will only say "It works!"
I think the default is localhost.
Once you have done that and restarted apache, it may well refuse to start.
Whatever you choose for server name, must resolve to the external IP address of the apache server, in your case' 192.168.0.6
There are several ways to do that. Your DNS can provide the name/IP lookup, in which case you will be able to browse to http://name from all over your LAN.
The alternative is with an entry in /etc/hosts on the server. That will keep apache happy. _________________ Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
Back to top |
|
|
Verted Guru
Joined: 09 Apr 2004 Posts: 480 Location: London, England
|
Posted: Sat Sep 03, 2016 7:44 pm Post subject: |
|
|
Thanks Neddy - Very long time no see, hope you're keeping well.
Slowly getting back into Linux, although not Gentoo(yet) as I couldn't get it to work on my Raspberry Pi 3; it's bad how little I remember!
I've tried the steps below but it hasn't seemed to resolve the issue:
httpd.conf
Code: |
#
# ServerName gives the name and port that the server uses to identify itself.
# This can often be determined automatically, but we recommend you specify
# it explicitly to prevent problems during startup.
#
# If your host doesn't have a registered DNS name, enter its IP address here.
#
ServerName rpi3:80 |
/etc/hosts
Code: |
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.0.6 rpi3 |
Does the above look okay to you?
Is there really no way that I can just use the LAN IP? Reason being that that IP is randomly assigned to the RPi3 - it's possible that if I were to restart the router it could be assigned a different number? _________________ Thanks,
-Verted |
|
Back to top |
|
|
Verted Guru
Joined: 09 Apr 2004 Posts: 480 Location: London, England
|
Posted: Sat Sep 03, 2016 7:55 pm Post subject: |
|
|
Okay, I was able to resolve this via the following:
Code: | # firewall-cmd --add-service=http |
And it does allow me to use the LAN IP rather than a Host Name. _________________ Thanks,
-Verted |
|
Back to top |
|
|
NeddySeagoon Administrator
Joined: 05 Jul 2003 Posts: 54237 Location: 56N 3W
|
Posted: Sat Sep 03, 2016 8:11 pm Post subject: |
|
|
Verted,
You keep getting new IPs on the Pi because it gets a randomly assigned MAC address every power up.
Either set a MAC address statically, on Gentoo its
/etc/conf.d/net: | # The Pi has no permanently assigned mac address
# random mac addresses work but with DHCP
# the server wants to change the IP address if the lease
# expired while the Pi was off.
# The Pi asks for its old IP but with a new mac address
# DHCP sends a NAK, so fix the mac address here
mac_eth0="ea:c0:21:bd:90:0b" |
or set a static IP address on the Pi, outside of the IP address range used by your DHCP server.
Gentoo works fine on the Pi 3 in 32 bit mode.
Its more of a challenge in 64 bit mode.
I'm good thank you. I'm still learning new things about Gentoo too. _________________ Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
Back to top |
|
|
Verted Guru
Joined: 09 Apr 2004 Posts: 480 Location: London, England
|
Posted: Sat Sep 03, 2016 8:26 pm Post subject: |
|
|
Thanks Roy. Once I start to get the hang of things again I will get Gentoo installed; I also intend to give Arch-Linux a try. _________________ Thanks,
-Verted |
|
Back to top |
|
|
NeddySeagoon Administrator
Joined: 05 Jul 2003 Posts: 54237 Location: 56N 3W
|
Posted: Sat Sep 03, 2016 8:33 pm Post subject: |
|
|
Moved from Other Things Gentoo to Unsupported Software.
I've just realised its not Gentoo. _________________ Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
Back to top |
|
|
Hu Moderator
Joined: 06 Mar 2007 Posts: 21633
|
Posted: Sat Sep 03, 2016 8:40 pm Post subject: |
|
|
Linux netfilter rules can be per interface. Running nmap on the machine to be mapped and pointing back to that machine can tell you what services exist, but success there does not mean that the services are offered to the outside world, only that they are offered to processes on the same machine. This seems to be what happened to you, as evidenced by your success after you told your firewall manager to allow the connection. Once nmap confirms that the service exists at all, the next step would have been to run nmap from the machine where the browser would be run, so that nmap's probes are treated the same way the browser's connection request would be treated. |
|
Back to top |
|
|
Verted Guru
Joined: 09 Apr 2004 Posts: 480 Location: London, England
|
Posted: Sat Sep 03, 2016 8:44 pm Post subject: |
|
|
Thanks all.
~10 years on and I still do find the Gentoo to be the most knowledgeable and helpful; i've posted this on three other forums with no success. _________________ Thanks,
-Verted |
|
Back to top |
|
|
|