| View previous topic :: View next topic |
| Author |
Message |
kgdrenefort
Apprentice
Joined: 19 Sep 2023
Posts: 152
Location: Somewhere in the 77
|
 Posted: Thu Apr 04, 2024 11:47 am Post subject: [SOLVED] Can’t reach binhost’s lighttpd from laptop |
 |
|
Hello,
Fix: Long-story short, I was using an IPv6 address (server.use-ipv6 into /etc/lighttpd/lighttpd.conf, just comment it and reload the service) while trying to reach it on an IPv4 address. Silly me (-:< !
I have a paper-weight-laptop that is too weak to compile by itself, so I made a nspawn which settings fit with the PW-laptop.
First, I tried to setup the lighttpd on the host of the binhost, it was reachable from browser, curl and telnet as well on port 80.
But after a 403 Forbidden and having set the permissions of /var/cache/binpkgs as lighttpd:lighttpd (also tried first root:lighttpd), the PW-laptop was having a connection refused:
| Code: |
!!! Error fetching binhost package info from 'http://192.168.1.103/packages'
!!! <urlopen error [Errno 111] Connection refused> |
The PW-laptop was able to ping it as explained above.
To make it works, I tried this into the lighttpd.conf file:
| Code: | # https://wiki.gentoo.org/wiki/Binary_package_guide#Web_based_binary_package_host
server.dir-listing = "enable"
server.modules += ( "mod_alias" )
alias.url = ( "/packages" => "/var/lib/machines/lilithBinhost/var/cache/binpkgs/" ) |
I started to think that linking /packages to "/var/lib/machines/lilithBinhost/var/cache/binpkgs/" was waybe not a good idea.
But at least the host’s lighttpd (not the binhost !) server was reachable.
Then I installed into the binhost lighttd, and added this:
| Code: | # add this to the end of the standard configuration
server.dir-listing = "enable"
server.modules += ( "mod_alias" )
alias.url = ( "/packages" => "/var/cache/binpkgs/" )
|
The server is running, from systemctl I can check the status as reach it from the binhost itself using curl or w3m. The PW-laptop can ping it.
But no machines can access port 80, using the host of the binhost I get this error:
| Code: | | telnet: connect to address 192.168.94.253: Connection refused |
Which is obvious, I think, that anything can access the machine port’s 80.
I’m used to web server, but not lighttpd.
After checking the lighttpd.conf, which is vanilla beside the addition for packages/.
Default port is at 80 on the lighttpd’s binhost configuration.
I am a bit out of idea, beside this one:
192.168.94.XXX is not my usual network setup:
| Code: |
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
2: host0@if5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 1e:bb:cc:7c:db:c0 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 192.168.94.253/28 metric 1024 brd 192.168.94.255 scope global dynamic host0
valid_lft 2710sec preferred_lft 2710sec
inet6 fe80::1cbb:ccff:fe7c:dbc0/64 scope link proto kernel_ll
valid_lft forever preferred_lft forever
|
My usual CIDR is /24, here it’s 28.
From the interface name and the IP, I guess it use a parallels schemes of my actual LAN, probably getting network with some vodou network stuff (and I’m very bad with network, like the worst). And that is where my knowledge and skills end.
I would ideally want to have an usual 192.168.1.XXX network schemes.
I can also add that I do not see the binhost from my ISP interfaces for LAN management.
Any guidance or tips regarding this small problem ?
I might have badly configured the network on the binhost, forget a step maybe to allow this behavior ?
If you need more information, please ask.
Regards,
GASPARD DE RENEFORT Kévin
_________________
«Gentoo does not have problems, only learning opportunities.» - NeddySeagoon
«If your Gentoo installation isn't valuable to you, feel free to continue to ignore the instructions.» - figueroa
Last edited by kgdrenefort on Thu Apr 04, 2024 6:51 pm; edited 1 time in total |
|
| Back to top |
|
 |
freke
l33t
Joined: 23 Jan 2003
Posts: 974
Location: Somewhere in Denmark
|
| Posted: Thu Apr 04, 2024 3:00 pm Post subject: |
|
|
Can the machines ping each other?
is the binhost listening on port 80? |
|
| Back to top |
|
|
kgdrenefort
Apprentice
Joined: 19 Sep 2023
Posts: 152
Location: Somewhere in the 77
|
| Posted: Thu Apr 04, 2024 5:19 pm Post subject: |
|
|
| freke wrote: | Can the machines ping each other?
is the binhost listening on port 80? |
Yes, they are, with something new: After rebooting my host, not binhost, and started up the binhost, I have now the IP of the host which is 192.168.1.103 and a new interface name (enp8s0):
Binhost:
| Code: | -bash-5.1# ping 192.168.1.80
PING 192.168.1.80 (192.168.1.80) 56(84) bytes of data.
64 bytes from 192.168.1.80: icmp_seq=1 ttl=64 time=257 ms
64 bytes from 192.168.1.80: icmp_seq=2 ttl=64 time=237 ms
64 bytes from 192.168.1.80: icmp_seq=3 ttl=64 time=218 ms
^C
--- 192.168.1.80 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 218.396/237.302/256.510/15.561 ms |
The paper-weight:
| Code: | root@lilith ~ # ping 192.168.1.103
PING 192.168.1.103 (192.168.1.103) 56(84) octets de données.
64 octets de 192.168.1.103 : icmp_seq=1 ttl=64 temps=1.75 ms
64 octets de 192.168.1.103 : icmp_seq=2 ttl=64 temps=1.99 ms
64 octets de 192.168.1.103 : icmp_seq=3 ttl=64 temps=7.47 ms
^C
--- statistiques ping 192.168.1.103 ---
3 paquets transmis, 3 reçus, 0 % paquets perdus, temps 2003 ms
rtt min/moy/max/mdev = 1,751/3,738/7,471/2,641 ms |
But it still can’t reach the server, beside it is up:
Paper-weight:
| Code: | root@lilith ~ # emerge -vauDUG @world
Local copy of remote index is up-to-date and will be used.
!!! Error fetching binhost package info from 'http://192.168.1.103/packages'
!!! <urlopen error [Errno 111] Connection refused>
* IMPORTANT: 19 news items need reading for repository 'gentoo'.
* Use eselect news read to view new items.
Local copy of remote index is up-to-date and will be used.
!!! Error fetching binhost package info from 'http://192.168.1.103/packages'
!!! <urlopen error [Errno 111] Connection refused>
These are the packages that would be merged, in order:
Calculating dependencies /... done!
Dependency resolution took 2.41 s.
Exiting on signal 2 |
(Made a Ctrl^C here)
So, it’s probably not about the network/CIDR.
Concerning netstat, yes lighttpd is listening to that port:
The binhost:
| Code: | -bash-5.1# netstat -lnp | grep 80
tcp6 0 0 :::80 :::* LISTEN 89/lighttpd
raw 214080 0 0.0.0.0:17 0.0.0.0:* 7 -
unix 2 [ ACC ] STREAM LISTENING 37806 44/systemd-resolved /run/systemd/resolve/io.systemd.Resolve
unix 2 [ ACC ] STREAM LISTENING 37807 44/systemd-resolved /run/systemd/resolve/io.systemd.Resolve.Monitor |
As this w3m output if I try to reach localhost:
The binhost:
| Code: | Index of /
Name Last Modified Size Type
lighttpd/1.4.73 |
And I still can’t reach port 80 from the paper-weight:
Paper-weight:
| Code: |
kgdrenefort@lilith ~ $ telnet 192.168.1.103 80
Trying 192.168.1.103...
telnet: connect to address 192.168.1.103: Connection refused |
So I can ping it, but nobody but the binhost itself can access 80… Even the host of the binhost.
Regards,
GASPARD DE RENEFORT Kévin
_________________
«Gentoo does not have problems, only learning opportunities.» - NeddySeagoon
«If your Gentoo installation isn't valuable to you, feel free to continue to ignore the instructions.» - figueroa |
|
| Back to top |
|
|
Hu
Moderator
Joined: 06 Mar 2007
Posts: 21586
|
| Posted: Thu Apr 04, 2024 6:00 pm Post subject: |
|
|
For the sake of a consistent view, please show, from both paperweight and binhost:- Output from ip addr; ip route; ss -ntlp, as root. Note which system is which.
- Output from w3m -dump_extra http://192.168.94.253/
- Output of iptables-save -c
Your existing tests with w3m are inconsistent about whether you use localhost or a numbered address. Additionally, your lighttpd is listening on IPv6, which may or may not be able to receive the connections with the way you attempted them. |
|
| Back to top |
|
|
kgdrenefort
Apprentice
Joined: 19 Sep 2023
Posts: 152
Location: Somewhere in the 77
|
| Posted: Thu Apr 04, 2024 6:23 pm Post subject: |
|
|
| Hu wrote: | For the sake of a consistent view, please show, from both paperweight and binhost:- Output from ip addr; ip route; ss -ntlp, as root. Note which system is which.
- Output from w3m -dump_extra http://192.168.94.253/
- Output of iptables-save -c
Your existing tests with w3m are inconsistent about whether you use localhost or a numbered address. Additionally, your lighttpd is listening on IPv6, which may or may not be able to receive the connections with the way you attempted them. |
Sure ! Thanks for your reply.
Paperweight:
| Code: | lilith ~ # ip addr; ip route; ss -ntlp
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
2: wlp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 90:2e:1c:21:2c:ee brd ff:ff:ff:ff:ff:ff
inet 192.168.1.80/24 brd 192.168.1.255 scope global dynamic noprefixroute wlp1s0
valid_lft 37471sec preferred_lft 32071sec
inet6 2a01:e0a:47d:1160:e453:f7ea:4764:e418/64 scope global dynamic mngtmpaddr noprefixroute
valid_lft 86301sec preferred_lft 86301sec
inet6 fe80::deb8:7787:6784:980f/64 scope link
valid_lft forever preferred_lft forever
default via 192.168.1.254 dev wlp1s0 proto dhcp src 192.168.1.80 metric 3002
192.168.1.0/24 dev wlp1s0 proto dhcp scope link src 192.168.1.80 metric 3002
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=482,fd=21))
LISTEN 0 4096 127.0.0.54:53 0.0.0.0:* users:(("systemd-resolve",pid=482,fd=23))
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=530,fd=3))
LISTEN 0 4096 0.0.0.0:5355 0.0.0.0:* users:(("systemd-resolve",pid=482,fd=12))
LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=530,fd=4))
LISTEN 0 4096 [::]:5355 [::]:* users:(("systemd-resolve",pid=482,fd=14)) |
| Code: | lilith ~ # w3m -dump_extra http://192.168.1.103/
w3m: Can't load http://192.168.1.103/. |
(You might maybe not notice, but the IP from binhost has changed to .1.103, the same as it’s host. With the old IP, same output)
| Code: | lilith ~ # iptables-save -c
lilith ~ # |
Binhost:
| Code: | -bash-5.1# ip addr; ip route; ss -ntlp
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
2: enp8s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 70:85:c2:8d:11:c5 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.103/24 brd 192.168.1.255 scope global dynamic noprefixroute enp8s0
valid_lft 37778sec preferred_lft 32378sec
inet6 2a01:e0a:47d:1160:cf5a:c2b7:6a50:5144/64 scope global dynamic mngtmpaddr noprefixroute
valid_lft 86251sec preferred_lft 86251sec
inet6 fe80::5cbc:d4bb:f2cc:fa2b/64 scope link
valid_lft forever preferred_lft forever
default via 192.168.1.254 dev enp8s0 proto dhcp src 192.168.1.103 metric 1002
192.168.1.0/24 dev enp8s0 proto dhcp scope link src 192.168.1.103 metric 1002
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 4096 127.0.0.54:53 0.0.0.0:*
LISTEN 0 4096 0.0.0.0:5355 0.0.0.0:*
LISTEN 0 511 127.0.0.1:6463 0.0.0.0:*
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 4096 0.0.0.0:631 0.0.0.0:*
LISTEN 0 4096 [::]:5355 [::]:*
LISTEN 0 1024 [::]:80 [::]:* users:(("lighttpd",pid=89,fd=4))
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 4096 [::]:631 [::]:*
LISTEN 0 50 *:1716 *:* |
| Code: | -bash-5.1# w3m -dump_extra http://192.168.1.103/
w3m: Can't load http://192.168.1.103/. |
(You might maybe not notice, but the IP from binhost has changed to .1.103, the same as it’s host. With the old IP, same output)
| Code: | -bash-5.1# iptables-save -c
-bash-5.1# |
Regards,
GASPARD DE RENEFORT Kévin
_________________
«Gentoo does not have problems, only learning opportunities.» - NeddySeagoon
«If your Gentoo installation isn't valuable to you, feel free to continue to ignore the instructions.» - figueroa |
|
| Back to top |
|
|
Hu
Moderator
Joined: 06 Mar 2007
Posts: 21586
|
| Posted: Thu Apr 04, 2024 6:39 pm Post subject: |
|
|
| lighttpd is listening on IPv6 wildcard, only. The specific IPv4 address does not result in a connection to that listener, from either machine. I think you need either to connect via IPv6 or change lighttpd to listen to IPv4 wildcard. |
|
| Back to top |
|
|
kgdrenefort
Apprentice
Joined: 19 Sep 2023
Posts: 152
Location: Somewhere in the 77
|
| Posted: Thu Apr 04, 2024 6:48 pm Post subject: |
|
|
| Hu wrote: | | lighttpd is listening on IPv6 wildcard, only. The specific IPv4 address does not result in a connection to that listener, from either machine. I think you need either to connect via IPv6 or change lighttpd to listen to IPv4 wildcard. |
Did it worked ? Yes, like a charm. Just had to comment the line:
| Code: | | server.use-ipv6 = "enable" |
And lilith aka paperweight…
| Code: | Total: 20 packages (19 upgrades, 1 downgrade, 20 binaries), Size of downloads: 130 210 KiB
Would you like to merge these packages? [Yes/No] y |
Will suddenly become usable on Gentoo without having it in maintenance for update half of this time.
Thanks Hu, as freke, for your time and brains.
Regards,
GASPARD DE RENEFORT Kévin
_________________
«Gentoo does not have problems, only learning opportunities.» - NeddySeagoon
«If your Gentoo installation isn't valuable to you, feel free to continue to ignore the instructions.» - figueroa |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Portage & Programming
