The connection was reset

Linux and Unix-Like Emergency UNIX and Linux Support
1

Hi Folks,

I have recently started Apache on my Fedora 11. I placed a working html file in the ServerRoot.
I can wget and telnet from within the localhost and access the index.html.

My telnet to port 80 from another machine works fine but when I try to access the web page through Firefox I get "The connection was reset". Does'nt work through IE either and times out.

The page is fine as I saved it and accessed it through the browser locallly and it worked.

Netstat and access_log dont show that I tried to connect.

Not sure what is broken here... any clues you can give me?

Thanks,
Jack.

2

Check SELinux, which I think comes enabled on Fedora.

As root:

# getenforce

If that returns "enforcing" then test to see if it's a problem by running

# setenforce Permissive

and see if the behavior is any different.

3

Hey Malcolmpdx!

Thanks for the quick reply but that didnt change the behaviour.

Regards,
Jack

4

You should also check the firewall. Port 80 is not allowed by default.

1 Like
5

Try changing the httpd.conf to listen on a higher number port... a common favorite is 8080.

6

That wouldn't help, because port 8080 is also closed by default.

The easiest way is to start "System > Administration > Firewall", select "Trusted Services", scroll down to "WWW (HTTP)" and check the checkbox next to it, klick the apply button and you are done.

1 Like
7

Don't forget to put selinux back to

# setenforce Enforcing

afterwards, after you are done.

1 Like
8

Yes, definitely put SElinux back in enforcing mode after that test.

If I'm reading your original post correctly:

$ wget http://localhost   <--- works
$ telnet localhost 80
GET / HTTP/1.1
Hostname: your_hostname

(works)

(go to a different host)
$ telnet name_of_first_host 80
GET / HTTP/1.1
Hostname: your_hostname

(works)

If the last telnet from a different host works, then we know that the first hosts firewall at the very least allows traffic to port 80 from _some_ hosts. Maybe not the one that you are eventually trying via firefox or MSIE from.

So, is the host that the telnet works from on the local network, but the host that you're trying Firefox from on some other network? Do the web browsers on that host go through a proxy or a filter, that telnet might bypass? Generally speaking, I would:

1) on a remote host:
ping the webserver by IP
traceroute to the webserver by IP
telnet to the webserver on port 80 by IP
see if I can resolve the name of the webserver (dig, host, nslookup)
ping, traceroute, and telnet using the name

Ping may be disabled, so failing that may not be a big deal.
Traceroute might show you that the traffic is passing through some sort of external firewall.
telnet checks to see if you can reach the webserver process.

2) assuming all these look reasonable, then I would start suspecting browser settings, proxies, and so forth. If they don't look reasonable, then I would start suspecting firewall settings, either on the webserver itself, or on an external firewall between my test host and the webserver. I would also check:

/etc/hosts.allow
/etc/hosts.deny

on the webserver.

Best of luck!

9

hergp, that worked but I am confused coz I was able to "telnet IP 80" from another computer earlier and thought firewall was open?

What does checking the service do here?

Thanks,
Jack.

---------- Post updated at 10:54 AM ---------- Previous update was at 10:49 AM ----------

Hey Mal/hegrp!

The telnet earlier didnt return "GET/HTTP/1.1" but I was inside the session as I could hit carriage return... Maybe that was an indication but I thought when firewall is blocking then I get disconnected immediately. Can you explain a little here so that I understand completely.

$ telnet name_of_first_host 80
GET / HTTP/1.1
Hostname: your_hostname