I installed Apache on CentOS 5.5. After searching the web for configuration tips, I did the following to enable connecting to the HTTP server from outside:
- In /etc/httpd/conf/httpd.conf I changed the Listen value to 0.0.0.8011
- I checked netstat -anp and I do see Apache is listening on this port
- Configured the httpd as service: chkconfig --levels 235 httpd on
- Enabled ports with semanage port -a -t http_port_t -p tcp 8011
- In iptables I set iptables -A INPUT -d 10.1.15.1 -p tcp --dport 8011 -j ACCEPT
  /etc/init.d/iptables save active
- Restarted the server
But I still can't connect from outside, not even with telnet.
By the way, FTP and SSH do work great with this IP address, and I can ping the VMware server.
OK, I keep editing my question: Now when I stop the firewall (iptables), I can connect just fine, so I guess my question is: how do I properly configure iptables to accept HTTP connections on port 8011?
I believe your problem is that you used "-A" to append to the iptables rules. The default rules end with a REJECT rule, so your rule is never getting a chance to match. Try changing the "-A" to "-I" in your rule and try again:
Does that help?
Everything else you are doing looks correct.
You can see the running rule-set with:
which allows you to see the full set of rules, including in the NAT tables. This may help you to see that some rules are after others, but it's a little complicated because CentOS 5 is using this "RH-Firewall-1-INPUT" table to unify INPUT and FORWARD rules, so the INPUT chain just jumps there. So you need to read through that full chain to see what happens before the packet gets to your new rule.
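An added example (not part of the original answer) that checks the ordering problem offline: it walks rule lines in `iptables-save` syntax and reports the first rule that decides a new TCP connection to a given port, following jumps into user-defined chains. The rule set is a constructed sample, the function name `first_deciding_rule` is hypothetical, and only the match options that appear in the sample are modelled (`-d`/`-s` addresses are assumed to match).

```shell
# Constructed sample in iptables-save rule syntax (not the poster's real rules).
BASE='-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited'
NEW_RULE='-A INPUT -d 10.1.15.1 -p tcp --dport 8011 -j ACCEPT'

# Usage: first_deciding_rule PORT < rules
# Prints "<TARGET>: <rule>" for the first terminating rule a NEW inbound
# TCP connection to PORT would hit, starting from the INPUT chain.
first_deciding_rule() {
  awk -v port="$1" '
    # Store every rule per chain, in the order it is listed.
    $1 == "-A" { n[$2]++; rule[$2, n[$2]] = $0 }
    # Simplified matcher: interface, protocol, conntrack state and --dport only.
    function applies(r) {
      if (r ~ / -i lo /) return 0
      if (match(r, / -p [a-z0-9]+/) && substr(r, RSTART + 4, RLENGTH - 4) != "tcp") return 0
      if (r ~ / --state / && r !~ /--state [A-Z,]*NEW/) return 0
      if (match(r, / --dport [0-9]+/) && substr(r, RSTART + 9, RLENGTH - 9) != port) return 0
      return 1
    }
    # Walk a chain top to bottom; recurse when the target is another chain.
    function walk(chain,   i, r, t) {
      for (i = 1; i <= n[chain]; i++) {
        r = rule[chain, i]
        if (!applies(r)) continue
        t = r; sub(/.* -j /, "", t); sub(/ .*/, "", t)
        if (t == "ACCEPT" || t == "REJECT" || t == "DROP") { print t ": " r; return 1 }
        if ((t in n) && walk(t)) return 1
      }
      return 0
    }
    END { if (!walk("INPUT")) print "POLICY: no rule matched" }
  '
}

# "-A" leaves the new rule after the jump; "-I" places it in front of the jump.
appended=$(printf '%s\n%s\n' "$BASE" "$NEW_RULE" | first_deciding_rule 8011)
inserted=$(printf '%s\n%s\n' "$NEW_RULE" "$BASE" | first_deciding_rule 8011)
echo "appended: $appended"
echo "inserted: $inserted"
```

With the appended ordering the packet is decided by the REJECT at the end of `RH-Firewall-1-INPUT` and never returns to `INPUT`; with the inserted ordering the port 8011 ACCEPT is reached first.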