Apache not serving after server restart - apache

I just restarted my server on digital ocean using reboot, and now apache is not serving any pages. I can ping the IP from my client. Everything was working fine before the restart. Here are some outputs from some of the tests I've done so far:
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1005/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1774/sendmail: MTA:
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 1241/mysqld
tcp 0 0 127.0.0.1:587 0.0.0.0:* LISTEN 1774/sendmail: MTA:
tcp 0 0 127.0.0.1:11211 0.0.0.0:* LISTEN 1703/memcached
tcp6 0 0 :::22 :::* LISTEN 1005/sshd
tcp6 0 0 :::443 :::* LISTEN 2991/apache2
tcp6 0 0 :::80 :::* LISTEN 2991/apache2
Here is result of netstat. I'm not sure but does this mean that apache is not listening on IPV4 (TCP)??:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1005/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1774/sendmail: MTA:
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 1241/mysqld
tcp 0 0 127.0.0.1:587 0.0.0.0:* LISTEN 1774/sendmail: MTA:
tcp 0 0 127.0.0.1:11211 0.0.0.0:* LISTEN 1703/memcached
tcp6 0 0 :::22 :::* LISTEN 1005/sshd
tcp6 0 0 :::443 :::* LISTEN 2991/apache2
tcp6 0 0 :::80 :::* LISTEN 2991/apache2
udp 0 0 127.0.0.1:11211 0.0.0.0:* 1703/memcached
The error.log seems OK:
[Thu Oct 01 09:09:20.131886 2015] [mpm_prefork:notice] [pid 2991] AH00171: Graceful restart requested, doing restart
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message
[Thu Oct 01 09:09:20.213216 2015] [:notice] [pid 3176] FastCGI: process manager initialized (pid 3176)
[Thu Oct 01 09:09:20.221458 2015] [ssl:warn] [pid 2991] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Thu Oct 01 09:09:21.001486 2015] [mpm_prefork:notice] [pid 2991] AH00163: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 OpenSSL/1.0.1f configured -- resuming normal operations
[Thu Oct 01 09:09:21.002462 2015] [core:notice] [pid 2991] AH00094: Command line: '/usr/sbin/apache2'


There are various things you can try to resolve the problem:
You can SSH into your server and check for a config syntax error:
#httpd -t
#httpd -S
You should see a "Syntax OK" message if the httpd.conf is configured properly.
You could check the Apache Error Log File which will point out the exact problem location:
tail -f /var/log/httpd-error.log
egrep -i 'warn|error' /var/log/httpd-error.log
Another option is to check for other processes that may be using port 80 or 443. Use the netstat command to list open ports and their owners:
# netstat -tulpn
# netstat -tulpn | grep
# netstat -tulpn | grep ':80'
If other process using port 80 / 443, you need to stop them or assign another port to Apache.
If none of the above things are helpful, you can check for open file FD limits, Apache/PHP/Python/CGI log file size and DNS configuration.
Hopefully there are some ideas you can try there.
Cheers

Related

how to authenticate coturn with rest api

i am running the coturn server in ubuntu on localhost
here is my turnserver.conf
verbose
listening-ip=127.0.0.1
realm=test.demo
static-auth-secret=fb1d5d356dff13e709980e2a07dfcef130a713d53e4c6701efe4b770f27e17d4
use-auth-secret
starting the server as
service coturn start
service coturn status
returned
● coturn.service - LSB: coturn TURN Server
Loaded: loaded (/etc/init.d/coturn; generated)
Active: active (running) since Fri 2020-10-02 17:28:08 PKT; 3s ago
Docs: man:systemd-sysv-generator(8)
Process: 18905 ExecStop=/etc/init.d/coturn stop (code=exited, status=0/SUCCESS)
Process: 18912 ExecStart=/etc/init.d/coturn start (code=exited, status=0/SUCCESS)
Tasks: 15 (limit: 4915)
CGroup: /system.slice/coturn.service
└─18934 /usr/bin/turnserver -c /etc/turnserver.conf -o -v
Oct 02 17:28:08 user-Inspiron-7773 systemd[1]: Starting LSB: coturn TURN Server...
Oct 02 17:28:08 user-Inspiron-7773 coturn[18912]: * Starting coturn turnserver
Oct 02 17:28:08 user-Inspiron-7773 coturn[18912]: ...done.
Oct 02 17:28:08 user-Inspiron-7773 systemd[1]: Started LSB: coturn TURN Server.
and sudo netstat -npta | grep turnserver gives
tcp 0 0 127.0.0.1:3478 0.0.0.0:* LISTEN 18934/turnserver
tcp 0 0 127.0.0.1:3478 0.0.0.0:* LISTEN 18934/turnserver
tcp 0 0 127.0.0.1:3478 0.0.0.0:* LISTEN 18934/turnserver
tcp 0 0 127.0.0.1:3478 0.0.0.0:* LISTEN 18934/turnserver
tcp 0 0 127.0.0.1:3478 0.0.0.0:* LISTEN 18934/turnserver
tcp 0 0 127.0.0.1:3478 0.0.0.0:* LISTEN 18934/turnserver
tcp 0 0 127.0.0.1:3478 0.0.0.0:* LISTEN 18934/turnserver
tcp 0 0 127.0.0.1:3478 0.0.0.0:* LISTEN 18934/turnserver
i have generated the temporary username and password
val secretKey = "fb1d5d356dff13e709980e2a07dfcef130a713d53e4c6701efe4b770f27e17d4"
val userId= "abcd1234"
val ttl:Long = 3600 * 6
val unixTimeStamp =System.currentTimeMillis()/1000L + ttl
val userName = unixTimeStamp +":"+ userId
val secret = new SecretKeySpec(secretKey.getBytes, "HmacSHA1")
val mac = Mac.getInstance("HmacSHA1")
mac.init(secret)
val result: Array[Byte] = mac.doFinal(userName.getBytes)
val hashStr= new String(result.map(_.toChar))
val password = Base64.getEncoder.encodeToString(hashStr.getBytes())
and it produces the output
username:1601663142:abcd1234
password: Wi4H776QJCoFbe+/hgrvv7Pvv5te77+m776L776K776N77+Y77+UUQ==
i have tested this in two ways
first in chrome console following code throws the exception
var iceConfiguration = {
iceServers: [
{
urls: 'turn:127.0.0.1:3478',
username: '1601663142:abcd1234',
credentials: 'Wi4H776QJCoFbe+/hgrvv7Pvv5te77+m776L776K776N77+Y77+UUQ=='
}
]
}
var peerConnection = new RTCPeerConnection(iceConfiguration);
Uncaught DOMException: Failed to construct 'RTCPeerConnection': Both username and credential are required when the URL scheme is "turn" or "turns".
at <anonymous>:12:22
(anonymous) # VM41:12
and Tricle Ice
how can i get it to working

I think the answer is simple, you've specified credentials and the error is that credential is missing, so remove the s and try again.

Asterisk API - problem reaching from browser [closed]

Closed. This question is not about programming or software development. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 3 months ago.
Improve this question
I have configured Issabel with Asterisk :
[root#issabel ~]# asterisk -V
Asterisk 11.25.3
enabled mini http server at /etc/asterisk/http.conf
enabled manager access at /etc/asterisk/manager.conf
http.conf:
#include http_additional.conf
#include http_custom.conf
[general]
enabled=yes
enablestatic=yes
bindaddr=0.0.0.0
bindport=8080
prefix=
tlsenable=no
tlsbindaddr=
tlscertfile=
tlsprivatekey=
manager.conf:
[general]
enabled = yes
bindaddr = 0.0.0.0
port = 5038
#include manager_general_additional.conf
[admin]
username = foo
secret = bar
#deny=0.0.0.0/0.0.0.0
permit=0.0.0.0/0.0.0.0
permit=127.0.0.1/255.255.255.0
read = system,call,log,verbose,command,agent,user,config,command,dtmf,reporting,cdr,dialplan,originate
write = system,call,log,verbose,command,agent,user,config,command,dtmf,reporting,cdr,dialplan,originate
writetimeout = 5000
httptimeout = 36000
#include manager_additional.conf
#include manager_custom.conf
i am trying to create some API based on this article:
[https://wiki.asterisk.org/wiki/display/AST/Allow+Manager+Access+via+HTTP][1]
the article says , that first i must log in via:
http://localhost:8088/manager?action=login&username=foo&secret=bar
of course i have issabel server in my local network, so i am trying to log in from Chrome:
http://192.168.0.100:8088/manager?action=login&username=foo&secret=bar
the result is the following:
Not Found
The requested URL was not found on this server.
Asterisk Server
the ports on the server are open, listening, no firewall blocking them - i can telnet these ports 8080 and 5038 from my command line
netstat on my issabel server:
[root#issabel ~]# netstat -tlpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 1181/smbd
tcp 0 0 0.0.0.0:4190 0.0.0.0:* LISTEN 2414/cyrus-master
tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN 2414/cyrus-master
tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN 2414/cyrus-master
tcp 0 0 127.0.0.1:20004 0.0.0.0:* LISTEN 2558/php
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 2011/mysqld
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 1181/smbd
tcp 0 0 0.0.0.0:5038 0.0.0.0:* LISTEN 2526/asterisk
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 2414/cyrus-master
tcp 0 0 0.0.0.0:4559 0.0.0.0:* LISTEN 2587/hfaxd
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 2414/cyrus-master
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 2526/asterisk
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 981/sshd
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 1658/master
tcp6 0 0 :::443 :::* LISTEN 979/httpd
tcp6 0 0 :::445 :::* LISTEN 1181/smbd
tcp6 0 0 :::4190 :::* LISTEN 2414/cyrus-master
tcp6 0 0 :::993 :::* LISTEN 2414/cyrus-master
tcp6 0 0 :::995 :::* LISTEN 2414/cyrus-master
tcp6 0 0 :::139 :::* LISTEN 1181/smbd
tcp6 0 0 :::110 :::* LISTEN 2414/cyrus-master
tcp6 0 0 :::143 :::* LISTEN 2414/cyrus-master
tcp6 0 0 :::80 :::* LISTEN 979/httpd
tcp6 0 0 :::22 :::* LISTEN 981/sshd
tcp6 0 0 :::25 :::* LISTEN 1658/master
My goal is, to show the calling numbers to my CallCenter operators , find these numbers in my local database and display the caller names with the data needed to handle the cutomers in our information system based on web.
[root#issabel static-http]# ls -la ./
total 696
drwxrwxr-x 2 asterisk asterisk 4096 Jul 15 2019 .
drwxrwxr-x. 14 asterisk asterisk 4096 Jun 8 06:12 ..
-rw-rw-r-- 1 asterisk asterisk 6066 Jun 6 2018 ajamdemo.html
-rw-rw-r-- 1 asterisk asterisk 461 Jun 6 2018 astman.css
-rw-rw-r-- 1 asterisk asterisk 7912 Jun 6 2018 astman.js
-rw-rw-r-- 1 asterisk asterisk 573949 Jun 6 2018 core-en_US.xml
-rw-rw-r-- 1 asterisk asterisk 4170 Jun 6 2018 mantest.html
-rw-rw-r-- 1 asterisk asterisk 96653 Jun 6 2018 prototype.js
any hint appreciated

You also need install web files in correct location.
Check that you have files in /var/lib/asterisk/static-http/

cp -Rfv /var/lib/asterisk/* /usr/share/asterisk/

Apache failed to start on centos7 on cwp

Am running contos7 in my server, yesterday i tried to restart my apache but it failed and since then could not start again.
Everytime i try to start it will show below warning.
Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details
I tried following this post https://stackoverflow.com/a/37131726/8778864, but stocked on what next to do after i have list all port, please am very new in linux / server, can anyone help out.
netstat -punta | grep LISTEN
My output when i run the above command
tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN 394/dovecot
tcp 0 0 0.0.0.0:2082 0.0.0.0:* LISTEN 426/cwpsrv: master
tcp 0 0 0.0.0.0:2083 0.0.0.0:* LISTEN 426/cwpsrv: master
tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN 394/dovecot
tcp 0 0 0.0.0.0:7777 0.0.0.0:* LISTEN 376/sshd
tcp 0 0 0.0.0.0:2086 0.0.0.0:* LISTEN 426/cwpsrv: master
tcp 0 0 0.0.0.0:2087 0.0.0.0:* LISTEN 426/cwpsrv: master
tcp 0 0 127.0.0.1:10025 0.0.0.0:* LISTEN 552/master
tcp 0 0 0.0.0.0:587 0.0.0.0:* LISTEN 552/master
tcp 0 0 0.0.0.0:2030 0.0.0.0:* LISTEN 426/cwpsrv: master
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 394/dovecot
tcp 0 0 0.0.0.0:2095 0.0.0.0:* LISTEN 426/cwpsrv: master
tcp 0 0 0.0.0.0:2031 0.0.0.0:* LISTEN 426/cwpsrv: master
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 394/dovecot
tcp 0 0 0.0.0.0:2096 0.0.0.0:* LISTEN 426/cwpsrv: master
tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 552/master
tcp 0 0 132.17.288.75:53 0.0.0.0:* LISTEN 411/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 411/named
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 397/pure-ftpd (SERV
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 552/master
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 411/named
tcp 0 0 127.0.0.1:2302 0.0.0.0:* LISTEN 426/cwpsrv: master
tcp 0 0 0.0.0.0:4190 0.0.0.0:* LISTEN 394/dovecot
tcp6 0 0 :::7777 :::* LISTEN 376/sshd
tcp6 0 0 :::3306 :::* LISTEN 434/mysqld
tcp6 0 0 :::587 :::* LISTEN 552/master
tcp6 0 0 :::465 :::* LISTEN 552/master
tcp6 0 0 ::1:53 :::* LISTEN 411/named
tcp6 0 0 :::21 :::* LISTEN 397/pure-ftpd (SERV
tcp6 0 0 :::25 :::* LISTEN 552/master
tcp6 0 0 ::1:953 :::* LISTEN 411/named
[root#host admin101]# systemctl status httpd.service
● httpd.service - Web server Apache
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Wed 2019-01-02 05:38:34 UTC; 2h 38min ago
Process: 15750 ExecStart=/usr/local/apache/bin/apachectl start (code=exited, status=1/FAILURE)
Dec 31 11:11:12 host.example.com systemd[1]: Failed to start Web server Apache.
Dec 31 11:11:12 host.example.com systemd[1]: Unit httpd.service entered failed state.
Dec 31 11:11:12 host.example.com systemd[1]: httpd.service failed.
Dec 31 11:19:37 host.example.com systemd[1]: Starting Web server Apache...
Dec 31 11:19:37 host.example.com apachectl[26747]: AH00526: Syntax error on line 15 of /usr/local/apache/conf.d/vhosts-ssl.conf:
Dec 31 11:19:37 host.example.com apachectl[26747]: SSLCertificateFile: file '/etc/pki/tls/certs/website1.com.cert' does not exist or is empty
Dec 31 11:19:37 host.example.com systemd[1]: httpd.service: control process exited, code=exited status=1
Dec 31 11:19:37 host.example.com systemd[1]: Failed to start Web server Apache.
Dec 31 11:19:37 host.example.com systemd[1]: Unit httpd.service entered failed state.
Dec 31 11:19:37 host.example.com systemd[1]: httpd.service failed.
[root#host admin101]#

There is most likely a hostname vs certificate resolution problem.
Please see following:
https://forum.centos-webpanel.com/centos-7-problems/cwpsrv-service-failed-emerg/
Ensure correct certificates listed in:
/usr/local/cwpsrv/conf/cwpsrv.conf/cwpsrv.conf
} ssl_certificate /etc/pki/tls/certs/hostname.cert;
} ssl_certificate_key /etc/pki/tls/private/hostname.key;
Then:
1) From cwp save your hostname again and it will generate a new certificate and key
If not possible to access CWP as happened to me... Access server through CLI and key in the following command/s
sh /scripts/generate_hostname_ssl
OR if this above does not work;
sh /usr/local/cwpsrv/htdocs/resources/scripts/generate_hostname_ssl

Dec 31 11:19:37 host.example.com apachectl[26747]: SSLCertificateFile: file '/etc/pki/tls/certs/website1.com.cert' does not exist or is empty
Looks like you are trying to install SSL but misconfigured. Checkout with your SSL first, and rebuild vhosts. This would solve your issue and let you start apache again.

If you use "AutoSSL" delete all certificate which built from it (All Let's Encrypt), then restart Apache service.

Apache does not start on EC2

I have a t2.medium ec2 instance which runs apache. Everything was fine till today morning but suddenly apache stopped working and does not restart again.
[ec2-user#ip-172-31-3-46 ~]$ sudo service httpd start
Starting httpd: [FAILED]
[ec2-user#ip-172-31-3-46 ~]$ service httpd start
Starting httpd: (13)Permission denied: AH00072: make_sock: could not bind to address [::]:80
(13)Permission denied: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
[FAILED]
Then we checked where port 80 is already listening.
[ec2-user#ip-172-31-3-46 ~]$ sudo netstat -tupln
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 2204/rpcbind
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 2392/sshd
tcp 0 0 0.0.0.0:38935 0.0.0.0:* LISTEN 2225/rpc.statd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2714/sendmail
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 2664/mysqld
tcp 0 0 :::111 :::* LISTEN 2204/rpcbind
tcp 0 0 :::22 :::* LISTEN 2392/sshd
tcp 0 0 :::46232 :::* LISTEN 2225/rpc.statd
udp 0 0 0.0.0.0:68 0.0.0.0:* 2090/dhclient
udp 0 0 0.0.0.0:111 0.0.0.0:* 2204/rpcbind
udp 0 0 172.31.3.46:123 0.0.0.0:* 2416/ntpd
udp 0 0 127.0.0.1:123 0.0.0.0:* 2416/ntpd
udp 0 0 0.0.0.0:123 0.0.0.0:* 2416/ntpd
udp 0 0 0.0.0.0:51407 0.0.0.0:* 2225/rpc.statd
udp 0 0 0.0.0.0:683 0.0.0.0:* 2204/rpcbind
udp 0 0 127.0.0.1:708 0.0.0.0:* 2225/rpc.statd
udp 0 0 :::111 :::* 2204/rpcbind
udp 0 0 :::683 :::* 2204/rpcbind
udp 0 0 :::40147 :::* 2225/rpc.statd
But there is no sign of port 80 in this.
We need to go live today but this has posed a major problem? Can someone please suggest what to do?

Try this: pidof httpd or pidof apache2 (depending on the distro running on that t2micro aws instance). If it returns any pid then kill that pid or those pids manually issuing a kill -9 pid then try restarting apache. If that doesn't work you should investigate the apache logs. That should give you more info about what is preventing apache to start and a possible way to fix the issue so you can start apache. Deploying a new instance is not going to help you to start the apache on your current instance and/or figure out the current issue.

Q about Vagrant: I'm setting a centos 6.5 in vagrant, I have installed httpd but I can't access website on virtual machine

I'm setting a centos 6.5 in vagrant as server.
I use private_network setting with IP: 192.168.33.20
I used ip address 192.168.33.20 to access SSH and SFTP on virtual machine.
But only I can't access website by that IP address (192.168.33.20) although I have installed httpd and httpd is running
[root#centos65 ~]# netstat -nltp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:45525 0.0.0.0:* LISTEN 1082/rpc.statd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1208/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1285/master
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1062/rpcbind
tcp 0 0 :::22 :::* LISTEN 1208/sshd
tcp 0 0 ::1:25 :::* LISTEN 1285/master
tcp 0 0 :::34314 :::* LISTEN 1082/rpc.statd
tcp 0 0 :::111 :::* LISTEN 1062/rpcbind
tcp 0 0 :::80 :::* LISTEN 3202/httpd
checking SELinux, it is disabled
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
Changing HTTP Port
[root#centos65 ~]# sudo netstat -nltd
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:49655 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 :::22 :::* LISTEN
tcp 0 0 ::1:25 :::* LISTEN
tcp 0 0 :::45389 :::* LISTEN
tcp 0 0 :::111 :::* LISTEN
tcp 0 0 :::8080 :::* LISTEN
I cannot access my Web Server from my host

Open port 80, go to and write
# vi /etc/sysconfig/iptables
Insert a new line
-A INPUT -p tcp -m state –state NEW –dport 80 -j ACCEPT
That's all to resolve the problem