July 22, 2009 at 10:00 am #41812
I’m new to zeroshell, and have some minor issues in port forwarding.
We are running a webserver on the LAN, and that should also be visible from the WAN.
I can forward all the ports I want, and they also work, except 80 and 443.
I think this has to do with the zeroshell box listening on these ports (SYS_HTTPS rule in the INPUT chain).
Can anyone please help me out on this one?
Leon
July 22, 2009 at 11:52 am #48499
I haven’t tried it, so this is just a suggestion. Try to find the configuration file of the web server on zeroshell and change the port. Disable web server on the external interfaces and forward port 80 and 443 to the virtual server. Erase these rules in the INPUT chain.
July 22, 2009 at 12:14 pm #48500
Thanks, but I’ve already tried to change the httpd.conf and ssl.conf to only use the private IP.
Also change the port to 81, but that doesn’t free the rule in the input chain.
I don’t know how to remove or change that rule as it is added by the system, and not by me…..
Do you know how to remove that rule?
Leon
July 22, 2009 at 12:43 pm #48501
I do have a webserver/emailserver behind my ZS router, although I don’t use 443, and I simply put a rule in the virtual server
ppp0/ANY TCP 80 [local server address]:80
and we have no issues connecting internal/external.
Also point the ZS DNS to your webserver in DHCP section as first DNS and ZS as second DNS, and if you have a domain make sure ZS knows about it in the same section.
Hope this helps
JC
July 22, 2009 at 1:13 pm #48502
As I wrote, I’m perfectly able to create the forward firewall rules and nat forwards as I’m publishing other services than 80+443.
It’s just these 2 which I can’t get to work.
So the nat forward rules are there, and also the firewall rules (forward chain) but still no go for 80+443
DNS+DHCP are not important at this level…I only need the traffic to be able to get to my internal server.
Leon
July 23, 2009 at 12:32 pm #48503
Is there anyone out there who can help me out?
In the ‘INPUT’ chain, when I press the ‘view’ button I always see these rules:
0 0 SYS_HTTPS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
926 70896 SYS_HTTPS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
I think those overrule my rules which also need to be set for the portforwarding.
Please help.
July 23, 2009 at 1:59 pm #48504
There was no problem….all was related to my internal webserver…
Tried another one on the LAN and then it magically worked….