apache/application running on ubuntu not responding connection requests

Question

I am having apache server running on my ubuntu system, But when i try to access through my windows system using IE, chrome,postman, i get error as (website is online but not responding to connection attempts).

I have done tcpdump on my ubuntu system, I got below log

(10.223.186.65 is ip of my windows system, 10.223.197.177 is ip of my linux system)

 sudo tcpdump -i ens2f0 'port 80' 
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens2f0, link-type EN10MB (Ethernet), capture size 262144 bytes
18:38:07.437762 IP 10.223.186.65.49279 > 10.223.197.177.http: Flags [S], seq 1024624045, win 65535, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
18:38:08.442487 IP 10.223.186.65.49279 > 10.223.197.177.http: Flags [S], seq 1024624045, win 65535, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
18:38:10.442214 IP 10.223.186.65.49279 > 10.223.197.177.http: Flags [S], seq 1024624045, win 65535, options [mss 1460,nop,nop,sackOK], length 0
18:38:22.291090 IP 10.223.186.65.49287 > 10.223.197.177.http: Flags [S], seq 4095681508, win 65535, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
18:38:23.297443 IP 10.223.186.65.49287 > 10.223.197.177.http: Flags [S], seq 4095681508, win 65535, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
18:38:25.297053 IP 10.223.186.65.49287 > 10.223.197.177.http: Flags [S], seq 4095681508, win 65535, options [mss 1460,nop,nop,sackOK], length 0
18:38:33.501498 IP 10.223.186.65.49288 > 10.223.197.177.http: Flags [S], seq 2981170598, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
18:38:34.510766 IP 10.223.186.65.49288 > 10.223.197.177.http: Flags [S], seq 2981170598, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
18:38:36.511607 IP 10.223.186.65.49288 > 10.223.197.177.http: Flags [S], seq 2981170598, win 8192, options [mss 1460,nop,nop,sackOK], length 0
18:38:39.849683 IP 10.223.186.65.49290 > 10.223.197.177.http: Flags [S], seq 2142699807, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
18:38:40.056095 IP 10.223.186.65.49291 > 10.223.197.177.http: Flags [S], seq 2881184651, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
18:38:40.562896 IP 10.223.186.65.49292 > 10.223.197.177.http: Flags [S], seq 951667956, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
18:38:42.807829 IP 10.223.186.65.49290 > 10.223.197.177.http: Flags [S], seq 2142699807, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
18:38:43.056197 IP 10.223.186.65.49291 > 10.223.197.177.http: Flags [S], seq 2881184651, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
18:38:43.560534 IP 10.223.186.65.49292 > 10.223.197.177.http: Flags [S], seq 951667956, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
18:38:48.806808 IP 10.223.186.65.49290 > 10.223.197.177.http: Flags [S], seq 2142699807, win 8192, options [mss 1460,nop,nop,sackOK], length 0
18:38:49.052968 IP 10.223.186.65.49291 > 10.223.197.177.http: Flags [S], seq 2881184651, win 8192, options [mss 1460,nop,nop,sackOK], length 0
18:38:49.568802 IP 10.223.186.65.49292 > 10.223.197.177.http: Flags [S], seq 951667956, win 8192, options [mss 1460,nop,nop,sackOK], length 0

sudo netstat -anp | grep apache
tcp6       0      0 :::5000                 :::*                    LISTEN      6094/apache2
tcp6       0      0 :::80                   :::*                    LISTEN      6094/apache2
tcp6       0      0 :::35357                :::*                    LISTEN      6094/apache2
unix  2      [ ACC ]     STREAM     LISTENING     40684    6094/apache2        /var/run/apache2.6094.0.1.sock
unix  2      [ ACC ]     STREAM     LISTENING     40685    6094/apache2        /var/run/apache2.6094.0.2.sock
unix  2      [ ACC ]     STREAM     LISTENING     40686    6094/apache2        /var/run/apache2.6094.0.3.sock
unix  2      [ ACC ]     STREAM     LISTENING     40687    6094/apache2        /var/run/apache2.6094.0.4.sock

wget 10.223.197.177:80 (works fine from same ubuntu system)

Apache is running on port 80 but still i am unable to get output on my browser, i tried both chrome and IE.I have similar setup on another ubuntu system which works fine.I know issue is on my ubuntu system but unable to trace it.Could anyone please help me to debug the problem i am facing.Has anyone faced same problem anytime

Answer 1

You've verified that Apache is running (both through netstat and wget from the local system) and you've started doing packet captures which verify that ARP is working as well as the TCP packet is arriving at the destination. Thumbs up for that. :)

When a packet arrives at it's destination but doesn't reply, there are (usually) two root causes:

1. The application is misconfigured or
2. There is something dropping or re-routing the packets

From what you've posted, let's check both items:

For the application, check your httpd.conf file and make sure your access control is set up correctly. Disregarding security, it should look something like this (from a default CentOS install):

<Directory /var/www/html> # This statement will allow everyone to access the # web server once they are able to reach it over TCP. Require all granted </Directory>

Also, take a look at the Apache logs (they may be set in your httpd.conf file under <CustomLog> otherwise they should be under /var/log/ somewhere). Check to see if there are any error messages when you attempt to connect - If there is an Apache configuration blocking the access, you should see it in the logs.

With regards to the network, assuming your Apache access control is set up properly, check to see if something is dropping the packets. See if you have any firewall rules enabled with: sudo ufw status. If you do, you can try disabling the firewall with sudo ufw disable which will flush any firewall rules on the Ubuntu box although they will return on reboot.

*Edited for Ubuntu UFW instead of CentOS iptables commands.