4. Cant access web config from lan *FIXED*

Cant access web config from lan *FIXED*

  • U

    lighthttpd is running but for some reason i cannot access the webconfig from anywhere on the lan (i can ssh in and use the web in general from the lan). This happened after I relocated my office so probably zero correlation there.

    assuming i restore to factory default settings id like to be able to back up my aliases and interface rules, where is this data stored?

    ideally id like to unload snort first bc there is nothing in the regular rules that would have caused this. something may have triggered snort, not sure. So is there a way to disable snort first from the command line before i start backing up settings and restore factory defaults?

    Thanks in advance!

    0
  • C

    What if you SSH tunnel to 127.0.0.1:443?

    0
  • U

    not working at all actually but i may not be doing it right

    ive tried ssh -D 443 -C admin@192.168.0.50
    and
    ssh -L 443:127.0.0.1:443 -l admin -p 22 192.168.0.50
    as well and flipped the ffox to use localhost socks 5 port 443

    192.168.0.50 is the pfsense box

    its strange bc i see absolutely nothing in the filter logs from any machine on the lan i try to use to connect to the pf box. its like httpd isnt even running

    ive rebooted the box a few times w/o any luck. I do have the settings backed up in the xml file from before, but i would need a way to get that file on the machine locally and import thru the command line.

    0
  • U

    i was able to get an ssh tunnel out w ssh -D 443 -f -C -q -N admin@192.168.0.50

    but, "Firefox can't establish a connection to the server at 192.168.0.50."

    httpd is just hanging it looks like.

    netstat -a on the pfbox reveals that lighttpd is not actually listening to anything, its not listed at all where it should look like:
    tcp4       0      0 *.http                 .                    LISTEN

    which is the case on another pf box on the lan.

    kill -HUP PID for lighttpd didnt resolve it either.
    i will keep digging

    at least we know a rule or snort didn't go haywire

    edit
    fixed it, originally i had httpd bound to port 443 to enable ssl by default. i killed the pid of lighttpd and manually edited
    /var/etc/lighty-webConfigurator.conf
    and changed "server.port = 443" back to "server.port = 80"
    then start it back up again: /usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurator.conf

    and now:
    tcp4      0      0 *.http                .                    LISTEN

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy