Cant open custom ports on VM instance - firewall

I am trying to acess my website that is on my oracle cloud instance on port 8082 via public ip and can't make it.
Cloud instance
curl localhost:8082
:works
Firewall settings
ALL default ports open
From outside

Have you open the UFW?
Take a look to instructions in
https://blogs.oracle.com/developers/post/enabling-network-traffic-to-ubuntu-images-in-oracle-cloud-infrastructure
sudo ufw app list
sudo ufw allow 8082
sudo ufw enable

First Connect with your cloud service provider they can open it or maybe they are blocking it for some security purpose.

disable Ubuntu's default firewall via
sudo ufw disable
then install firewalld
sudo apt install firewalld sudo systemctl enable firewalld
sudo firewall-cmd --permanent --zone=public --add-port=80/tcp sudo
firewall-cmd --permanent --zone=public --add-port=443/tcp sudo
firewall-cmd --reload
Fore More Info

Related

I have a issue with Ubuntu firewall

On Ubuntu if I use the command: sudo disable ufw then it can access my server on any port.
Once I enable firewall again then I run command: sudo ufw allow 9090/tcp then I start my spring boot website on port 9090. Now I use the command: curl http://server_id:9090 => It still block me. If I disable firewall then It can run
Who know root cause? How can I enable firewall and allow on a particular port.
Thanks

Can't access Azure Linux Virtual Machine via browser/HTTP

I have set up a VM in azure with Redhat Linux OS, I have installed Httpd service and placed a static webpage to access.
I am not able to access my VM via browser with public IP set on my VM. Although, I am able to ssh into the machine.
Steps I have already tried:
Set an inbound rule on the network security group for port 80, 443, 22(ssh).
Attached this NSG to both VNET & NIC but no luck.
Tried the same in AWS EC2 instance it works like a charm. Not sure why Azure is not that straight forward.
Tried to find the solution online and documentation but no luck.
Please help if you have any idea how can I access my app via a browser.
Please check, if SELINUX is configured correctly
Redhat reference here: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/managing_confined_services/chap-managing_confined_services-the_apache_http_server
Thanks,
Manu
Thanks Manu for your suggestion. But I found that Linux firewall was blocking it. So here is what I did:
Since I am using RHEL 8, the inbuilt firewall is via Firewalld not iptables(which is there for RHEL 6 and before).
1- By default, only port 22 open in firewalld. "firewall-cmd --list-all" command will show the details.
2- Added HTTP port. By using below 2 commands
$ sudo firewall-cmd --zone=public --add-service=http --permanent
$ sudo firewall-cmd --reload
3- Verify the change by using any of the below commands:
$ sudo firewall-cmd --list-services
$ sudo firewall-cmd --list-services --permanent
Please refer this link for more details:
https://www.cyberciti.biz/faq/configure-set-up-a-firewall-using-firewalld-on-rhel-8/

Linux Node JS listening on port 80 but not on other ports

I am a starting level at linux...
I got node JS to listen to port 80 and everything works well.
But when trying different ports it doesn't work.
Firewalld is not enabled...
and when trying in the browser I try localhost:8080
Any Ideas?
Stop firewall if already running
sudo systemctl stop firewalld
Check the status of iptable
If not already installed then install it using
yum install iptables-services
sudo systemctl status iptables
Enable the service at boot-time:
systemctl enable iptables
Managing the service
systemctl [stop|start|restart] iptables
Saving your firewall rules can be done as follows:
service iptables save
Start and Enable Firewall with this command
sudo systemctl start firewalld
sudo systemctl enable firewalld
Configure firewall and add Ip and range of ports to be enabled (optional)
firewall-cmd --add-rich-rule='rule family="ipv4" source address="10.0.0.0/8" port port="11224-12224" protocol="tcp" accept'
The above command takes the range of IPs and ports. You need to replace the IP and port range in the above command, make sure to change the x.x.x.x/n , here n is the number of ports.

Cannot access to CentOS from MS Windows via http

I have got installed CentOS 7 under virtual envirment.
It has proper hostname so I can ping it and it has acccess to internet inside of it and I can ping by IP and host name outside of it. Also It has working Apache and its test page is fine that has been checked locally.
Now I would like to get access to this test page from the MS Windows but I cannot. (I can ping CentOS by IP and hostname.)
Has it something to do with Iptables or firewall?
And this link doesnt help as well https://serverfault.com/questions/459267/enabling-http-access-on-port-80-for-centos-6-3-from-console
I assume some settings should be changed under CentOS but I am not sure which of them.
My question is which steps I have to execute to allow all those things?
Either disable firewalld.service
systemctl disable firewalld.service
systemctl stop firewalld.service
Or allow access to port 80
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --reload
Also disable SELINUX:
setenforce 0
sed -i 's/^SELINUX=enforcing/SELINUX=disabled/' /etc/sysconfig/selinux
So the answer is a simple one.
I just used Firewall settings to allow http and httpd.

Difficulty accessing Docker's API

I was struggling to get connected to the Docker API running on a RedHat 7.1 VM, the docker API is running on both a TCP port and a UNIX socket.
To configure this I set -H OPTIONS as follows:
OPTIONS='--selinux-enabled -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock'
in the file:
/etc/sysconfig/docker
Running the docker client on the same box, it connected OK to the docker daemon via either communication path:
docker images
or
docker -H=tcp://127.0.0.1:2375 images
both work equally well.
I was unable to get any sense out of it from another box, I figured the first thing to do would be to prove I can connect to port 2375 from elsewhere. I was having no joy when I tried:
telnet 10.30.144.66 2375
I figured it must be a firewall problem but it took a while longer before I realised it was the firewall built into Linux.
To make 2375 accessable:
Use one of the following depending on your distro
sudo firewall-cmd --zone=public --add-port=2375/tcp --permanent
sudo firewall-cmd --reload
OR
sudo iptables -I INPUT 4 -p tcp -m state --state NEW -m tcp --dport 2375 -j ACCEPT
sudo /sbin/service iptables save
I was facing similar problem when my IntelliJ IDE was not able to connect docker engine API installed on RHEL.
It got resolved with following:
firewall-cmd --add-port=2376/tcp --permanent
firewall-cmd --reload
systemctl restart docker

Resources