node inspect on google cloud console setup firewall - node.js

I am trying to setup the firewall for accessing node inspect using my local chrome browser.
Does anybody have a good short guide and which tcp protocol do I need to enable.
I have a firewall rule active where the compute instance enables tcp:80. It worked in the past of a http server. How do I know which port to use for node inspect and how to enable it.

If found it myself. I have to use an ssh tunnel. https://nodejs.org/en/docs/guides/debugging-getting-started/#enabling-remote-debugging-scenarios
Enabling remote debugging scenarios
We recommend that you never have the debugger listen on a public IP address. If you need to allow remote debugging connections we
recommend the use of ssh tunnels instead. We provide the following
example for illustrative purposes only. Please understand the security
risk of allowing remote access to a privileged service before
proceeding.
Let's say you are running Node on remote machine, remote.example.com, that you want to be able to debug. On that
machine, you should start the node process with the inspector
listening only to localhost (the default).
$ node --inspect server.js
Now, on your local machine from where you want to initiate a debug client connection, you can setup an ssh tunnel:
$ ssh -L 9221:localhost:9229 user#remote.example.com
This starts a ssh tunnel session where a connection to port 9221 on your local machine will be forwarded to port 9229 on
remote.example.com. You can now attach a debugger such as Chrome
DevTools or Visual Studio Code to localhost:9221, which should be able
to debug as if the Node.js application was running locally.

Related

VS2019 Remote debugger - unable to connect

I am trying to connect to VS2019 remote debugger installed on virtual machine (Windows Server 2022 version 21H2) hosted in Azure cloud.
Remote debugger is installed correctly and I've checked that TCP port number in options is set to 4024.
Now, when I try to connect from my machine I got an error message
Unable to connect to 'hostname'. The Visual Studio 2019 Remote Debugger (MSVSMON.EXE) does not appear to be running on the remote computer. This may be because a firewall is preventing communication to the remote computer. Please see Help for assistance on configuring remote debugging.
So the first thing we tried was properly set up firewall and open needed ports. After that it still doesn't work.
I've checked which ports msvsmon.exe process listens on and found out it does not use the preferred port 4024 but rather it listens on some random ports.
netstat -abo -p tcp
TCP 0.0.0.0:20031 hostname:0 LISTENING 9920
[msvsmon.exe]
TCP 0.0.0.0:20035 hostname:0 LISTENING 11148
[msvsmon.exe]
Even when remote debugger window falsely states
1.9.2022 14:25:26 Msvsmon started a new server named 'hostname:4024'. Waiting for new connections.
I've also tried starting msvsmon.exe with /port option. GUI says it used this port but in fact it still listens on some random port.
Any idea, why msvsmon starts server on random port instead of the one set in options?

Cannot connect from windows to redis linux server

I cannot connect to redis server (ubuntu server 16.04 LTS 64 bits on separate PC) from windows 8.1 64-bits. Redis is well documented, however I found very little information how to connect redis server from separate machine.
I have installed latest version of redis into linux and locally everything works fine. I start server via redis-server and also I start redis-cli and after that I am able to add information into server and retrieve it. The same situation is in windows - everything works locally.
In order to connect from windows into linux redis server I did these changes.
In linux I set the static local IP via sudo nano /etc/network/interfaces
address 192.186.xxx.xxx
netmask 255.255.255.0
network 192.168.xxx.xxx
broadcast 192.168.xxx.xxx
gateway 192.168.xxx.xxx
dns-nameservers 8.8.8.8
In redis.conf file I bind my windows PC IP which is given by my internet service provider. I also opened TCP 6379 port in my router GUI. In windows I modify redis.windows-service.conf and redis.windows.conf files. In both of them I bind my IP address given by my internet service provider. After this I cannot start redis-cli properly (empty black cmd window is visible)
What I am doing wrong? I would be very grateful for any help.
You should modify the redis conf, my redis conf is located at /etc/redis/6379.conf.
And you should comment the line "bind 127.0.0.1" Or change to bind 0.0.0.0.
The bind specify which network interface the redis server should listen to. The default is localhost.
And also Change the protected-mode to no :
Protected mode is a layer of security protection, in order to avoid that
Redis instances left open on the internet are accessed and exploited.
When protected mode is on and if:
1) The server is not binding explicitly to a set of addresses using the
"bind" directive.
2) No password is configured.
The server only accepts connections from clients connecting from the
IPv4 and IPv6 loopback addresses 127.0.0.1 and ::1, and from Unix domain
sockets.
By default protected mode is enabled. You should disable it only if
you are sure you want clients from other hosts to connect to Redis
even if no authentication is configured, nor a specific set of interfaces
are explicitly listed using the "bind" directive.
protected-mode yes
If you don't disable the protected-mode, your redis server will not listen public ip interface. more detail see above.
If you can access the remote server from your machine, your problem is most probably with redis security config, read the Securing Redis section in this document
I found that most of the time people don't change the "bind" directive value in redis config, you can test that by setting bind 0.0.0.0 and restarting redis server, if that's the issue, you can then allow whatever subnets you need to access the server.
I have also experience the same issue trying to connect to Redis (MSOpenTech 3.0.5 and 3.2.1) By default if no binding is stated then redis(according to the comments in the conf file) will listen to all available interfaces. That said, v 3.2.1 does have 'bind 127.0.0.1' already set... in 3.0.5 Setting the binding to 'bind 127.0.0.1' still allows the redis-cli to be used. Binding to 192.168.1.2 renders the redis-cli unusable with both versions - there is no IP and Port prompt, simply a carat and the cli does not accept keyboard input. Binging to an external IP the MSOpenTech fork service will not restart and throws an error(nice). Clearing all bindings and reverting back to original state, the redis-cli becomes usable again. Also, on the MS OpenTech fork there is no 'ProtectedMode' setting in either config file. Not sure whether this can actually be set.
Have raised this as an issue on the MSOpenTech fork via github but expecting silence to be the only reply...
I'm not sure this helps you in any way other than knowing that you are not alone. I am trying to pub from PHP to AS3 subscribers - it works great in the Flash IDE but from the localhost browser, redis appears to go decididly deaf.

AWS EC2 Error: The site can't be reached - ec2.us-west-1.compute.amazonaws.com took too late to respond. Deploy NodeJS

I currently have an EC2 instance up and running with Amazon Linux running and transferred my project (which contains both React/NodeJS/Express) onto the EC2 instance via SFTP using FileZilla.
For the EC2's Security Groups, I opened a port for 3000 (protocol: tcp, source: 0.0.0.0/0), which is how my Express is defined as well.
So I sshed into EC2 instance and ran the project's Express, and sees it listening to port 3000 within the terminal. But once I hit the Public DNS with ec2...us-west-1.compute.amazonaws.com:3000, it says The site can't be reached - ec2...us-west-1.compute.amazonaws.com took too late to respond.
What could be the issue and how can I go about from here to connect to it?
Thank you in advance and will upvote/accept answer.
Just check if your Node.js server is running on the EC2 instance.
Debugging:
Check first if It working locally properly.
Check for the node.js server in EC2.
sudo netstat -tulpn | grep :3000
try to run server with --verbose flag i.e npm run server --verbose
it will show logs of the server while starting.
Check for the security group Setting for the EC2 instance.
try to connect with the ip:port i.e 35.2..:3000
If still it not working and response taking long time.
that means some other service is running on the same port.
try this in ec2:
sudo killall -9 node
npm run server
And connect with using IP(54.4.5.*:3000) or public DNS (http://ec2...us-west-1.compute.amazonaws.com:3000).
Hope It will help :)
You may be encountering an issue with outbound traffic. You may be inside a company's network, either physically connected or VPN'd in. In some instances, your VPN isnt set up to handle split traffic, so you must abide by your company's outbound restrictions.
In a situation like this, you would want to use a proxy to access your site. when locking down your security group, make sure you use your proxy's public IP (not your company's).
Usually, when we have connectivity issues, it is something basic or a firewall. I assume you have checked whether a firewall is running on either end, eg. iptables -L -n. Also, any protocol analyzer like wireshark or tcpdump would tell you where packets to port 3000 are visible.

TCP server won't work on Openshift NodeJS

I've used the openshift-cartridge-tcp-endpoint cartridge to try and make a TCP server which I can access from a desktop application.
I've set it up on a scaleable application and I can see the OPENSHIFT_NODEJS_PORT_TCP and OPENSHIFT_NODEJS_PROXY_PORT_TCP values when I list the environment variables using 'export' when ssh'd into my application.
The problem is, when I do 'rhc ssh APP_NAME oo-gear-registry all', no port is listed over which I can access my TCP application and when I try to access the application over the port given by the HTTP server, it does not connect. Do I have to take additional steps to make the port show up and be accessible?
It looks like that cartridge is over 2 years old, and probably doesn't work with the current version of OpenShift Online, as it only exposes port 8080 publicly and uses an HTTP/WS reverse proxy, so only http or web services connections would work. You might try logging an issue with the cartridge's creator here (https://github.com/Filirom1/openshift-cartridge-tcp-endpoint/issues) and ask them if it still works or not.

How to use the webUI for Heritrix remotely

Hello I have been playing with Heritrix, and would like to include it on a website/allow remote web access to it.
I have a Linux based server where I have a hosted webpage, and I have built a version of Heritrix.
The issue is I am at home now and would like to be able to offer access to the webUI in Heritrix via the hosted webpage.
I looked through the manual and discovered the -b command to bind it to remote hosts however the documentation could be better.
So what I was hoping for was a little explanation/elaboration on how this command works and if it would be possible to bind the webUI to existing webpage
Thanks for your time in advance
(Here is a link to the documentation im working from: https://webarchive.jira.com/wiki/display/Heritrix/HOWTO+Launch+Heritrix )
You should use -b <public ip address> like -b 192.168.1.1
If you don't want to use a public IP, you can use SSH port forwarding to do this. When creating a PuTTY session, under Connection > SSH > Tunnels enter the following:
Source port: 8443 (or the port Heritrix is installed on, if different)
Destination: localhost:8443 (it's good practice to match the port you're forwarding)
Back on the Session window, make sure you save the session. Now whenever you SSH onto your server you can access the Heritrix web UI by hitting https://localhost:8443

Resources