I’m having trouble publicly accessing a MediaWiki server that I have set up on my Raspberry Pi. I am getting a “connection timed out” error when trying to visit the server remotely. It is however accessible to all computers on my LAN.
This doesn’t seem to be an issue with my router or the port forwarding, as I can change the destination IP to that of my Macbook and publicly access an Apache server set up on it.
I have made sure that ufw is inactive, and have used iptables to add rules allowing HTTP traffic. The output of
sudo iptables -L is below.
Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp dpt:http state NEW,ESTABLISHED Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp spt:http state ESTABLISHED
netstat -l gives the following:
Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 *:ssh *:* LISTEN tcp 0 0 localhost:postgresql *:* LISTEN tcp 0 0 localhost:4700 *:* LISTEN tcp 0 0 *:microsoft-ds *:* LISTEN tcp 0 0 *:afpovertcp *:* LISTEN tcp 0 0 localhost:mysql *:* LISTEN tcp 0 0 localhost:6379 *:* LISTEN tcp 0 0 *:netbios-ssn *:* LISTEN tcp 0 0 *:http *:* LISTEN udp 0 0 *:26592 *:* udp 0 0 *:mdns *:* udp 0 0 *:42516 *:* udp 0 0 *:bootpc *:* udp 0 0 raspberrypi:ntp *:* udp 0 0 localhost:ntp *:*
Is there a way to log what exactly is going on with this request on the Pi?
You may try iptables with the -v option – it will show you the number of packets and bytes that have so far matched a specific rule, or the chains default action (as your INPUT DROP action).
Also, fire up “tcpdump port 80” on your Raspberry Pi. It will show you all packets on port 80, even before iptables may drop them. Another possibility would be “tcpflow -c port 80”, it shows you less info about packets and more about the actual HTTP stream.
Both tcpdump and tcpflow are usually not installed by default, so you’ll have to do that first.