webalizer and iptables

webalizer and iptables

Post by Michael » Thu, 14 Nov 2002 00:29:40



Hi !

  I need to use webalizer to produce log for who visit mhy website and
where they come from ... i need to activate HOSTNAMELOOKUPS in apache
for give the origin in my apache log.

  But if i only open port 80 on my webserver Apache couln't not
comnunicate to receive info from people who visiting our website.

  Which port i need to open to make HOSTNAMELOOKUPS ?

thanks

--

  (O__   Michael Lessard            |
  //\    Running Slackware 8.1      |
//  )   Linux Kernel 2.4.19        |
V__/_   http://www.cegonhatech.com |

 
 
 

webalizer and iptables

Post by Erik Thij » Thu, 14 Nov 2002 00:53:08


Quote:>   Which port i need to open to make HOSTNAMELOOKUPS ?

try UDP port 53 (DNS)...

 
 
 

webalizer and iptables

Post by Jem Berke » Thu, 14 Nov 2002 02:18:50


Quote:>>   Which port i need to open to make HOSTNAMELOOKUPS ?

> try UDP port 53 (DNS)...

Since you're using iptables, which is a stateful firewall, it makes more
sense to take advantage of its connection tracking abilities: you don't
have to open any port explicitly. Try something like:

iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

When a client behind the firewall sends a DNS request, the firewall
automatically makes a note of this connection and accepts packets that come
in reply to the request. I think.

--
Jem Berkes
http://www.pc-tools.net/
Windows, Linux & UNIX software

 
 
 

webalizer and iptables

Post by Michael » Thu, 14 Nov 2002 22:06:00



> >>  Which port i need to open to make HOSTNAMELOOKUPS ?

> >try UDP port 53 (DNS)...

> Since you're using iptables, which is a stateful firewall, it makes more
> sense to take advantage of its connection tracking abilities: you don't
> have to open any port explicitly. Try something like:

> iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

> When a client behind the firewall sends a DNS request, the firewall
> automatically makes a note of this connection and accepts packets that
> come
> in reply to the request. I think.

But if the client is on Firewall ???

--

  (O__   Michael Lessard            |
  //\    Running Slackware 8.1      |
//  )   Linux Kernel 2.4.19        |
V__/_   http://www.cegonhatech.com |

 
 
 

webalizer and iptables

Post by Michael » Fri, 15 Nov 2002 06:45:08


Thanks working greats :)


> >>  Which port i need to open to make HOSTNAMELOOKUPS ?

> >try UDP port 53 (DNS)...

> Since you're using iptables, which is a stateful firewall, it makes more
> sense to take advantage of its connection tracking abilities: you don't
> have to open any port explicitly. Try something like:

> iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

> When a client behind the firewall sends a DNS request, the firewall
> automatically makes a note of this connection and accepts packets that
> come
> in reply to the request. I think.

--

  (O__   Michael Lessard            |
  //\    Running Slackware 8.1      |
//  )   Linux Kernel 2.4.19        |
V__/_   http://www.cegonhatech.com |