We have a proftpd server on an AzureVM configured to use implicit ftps.
Error:
Status: Connecting to myPublicIP:990...
Status: Connection attempt failed with "ECONNREFUSED - Connection refused by > server".
Error: Could not connect to server
Relevant configuration
# /etc/proftpd/proftpd.conf
Port 21
PassivePorts 49152 49190
MasqueradeAddress myPublicIP
# /etc/proftpd/tls.conf
TLSEngine on
TLSLog /var/log/proftpd/tls.log
TLSProtocol TLSv1 TLSv1.2
TLSCipherSuite AES128+EECDH:AES128+EDH
#TLSOptions NoCertRequest AllowClientRenegotiations UseImplicitSSL EnableDiags
TLSRSACertificateFile /etc/proftpd/ssl/certificate.pem
TLSRSACertificateKeyFile /etc/proftpd/ssl/certificate.key
TLSVerifyClient off
TLSRequired on
I have open the following ports in the security group and interface of the virtual machine:
20,21,49152-49190,990,989.
If I do not force the connection through the implicit port, the rest of the connections works perfectly
According to your configuration, you did not enable implicit. If you execute netstat -ant|grep 990, it should return null.
So, if you use port to connect ftp server, you will get the error log.
You could check this link to enable implicit.
<IfModule mod_tls.c>
<VirtualHost 0.0.0.0>
Port 990
TLSEngine on
TLSOptions UseImplicitSSL
</VirtualHost>
</IfModule>
Then you need restart ftp server, service xinetd restart
When you execute netstat -ant|grep 990, you will get like below:
root#shui:~# netstat -ant|grep 990
tcp6 0 0 :::990 :::* LISTEN
Related
I've got CRC running on Windows 11 and I would like to connect there from a RHEL9 VM.
CRC listening on 127.0.0.1:6443
Port forwarding rule created on Win machine to fwd connections on 192.168.1.156 (local intf) to 127.0.0.1:
$ netsh interface portproxy show v4tov4
Listen on ipv4: Connect to ipv4:
Address Port Address Port
192.168.1.156 9000 127.0.0.1 6443
Added rule in firewall to allow connections to port 9000
From the VM:
[test#workstation ~]$ telnet 192.168.1.156 9000
Trying 192.168.1.156...
Connected to 192.168.1.156.
Escape character is '^]'.
Connection closed by foreign host.
[test#workstation ~]$ oc login -u developer -p developer https://192.168.1.156:9000
The server is using a certificate that does not match its hostname: x509: certificate is valid for 10.217.4.1, not 192.168.1.156
You can bypass the certificate check, but any data you send to the server could be intercepted by others.
Use insecure connections? (y/n): y
Error from server (InternalError): Internal error occurred: unexpected response: 412
Any idea on how I can fix this and be able to connect from my VM towards CRC?
thanks
I have my Windows server 2012 which is active on production and running 2 websites of .NET. Now I want to run my wordpress site I had configured everything and my wordpress site was working fine before but all of sudden now am unable to connect to local host and even wp admin dashboard is not appearing so I deleted all that stuff uninstalled MYSQL connector MYSQL and web platform installer too. Even now I'm facing the same problem.
Whenever I try to connect 127.0.0.1 /Localhost I get the same message for both "This site can't be
reached" and if I try to connect with my public ip it says "HTTP Error 404. The requested resource is not found."
My netstat results are mentioned below:
C:\Users\Administrator>netsh http show iplisten
IP addresses present in the IP listen list:
173.208.205.34
173.208.205.35
173.208.205.36
C:\Users\Administrator>netstat -ano
Active Connections
1. Proto Local Address Foreign Address State
PID TCP 0.0.0.0:135 0.0.0.0:0
LISTENING
1192 TCP 0.0.0.0:180 0.0.0.0:0
LISTENING 1388 TCP 0.0.0.0:445 0.0.0.0:0
LISTENING 4 TCP 0.0.0.0:1433 0.0.0.0:0
LISTENING 2812 TCP 0.0.0.0:1443 0.0.0.0:0
LISTENING 1388 TCP 173.208.205.34:80 0.0.0.0:0
LISTENING 4 TCP 173.208.205.34:139 0.0.0.0:0
LISTENING 4 TCP 173.208.205.34:443 0.0.0.0:0
LISTENING 4 TCP 173.208.205.34:443
160.153.147.141:35160 TIME_WAIT 0
TCP 173.208.205.34:1433 122.176.28.110:2048 ESTABLISHED 28
Additionally, I have checked the etc/hosts file it have 127.0.0.1 localhost uncommented there.
I have also disabled the firewall that make no change.
Can anyone tell what is wrong with this ?
I notice that there is no 0.0.0.0:80 in the IP listen list. Does your site bind to localhost:80?
The correct IP address in list should include
0.0.0.0:80 (ipv4) and [::]:80 (ipv6)
I think you can add 127.0.0.1 to IP listen list.
netsh http add iplisten ipaddress=127.0.0.1
Then check whether it is in list.
I am running a Node.js SSH server that spawns a child process to exec code (using require('child_process').spawn) after successful authentication.
The client server connections works fine on port 22 and connection is kept alive successfully through spawned process.
I am trying to setup up now with HAProxy 1.6, to forward port 22 to a non-privileged port on which the SSH server is listening.
However, when the child process is spawned the server either errors Error: write EPIPE or Error: read ECONNRESET.
This suggests to me there is an issue with prematurely closed stream or connection between the client -> HAProxy -> server?
I am looking at websocket configurations and ssh configurations for HAProxy and various keep alive options. However I cannot get the connection to work.
My configuration:
global
daemon
maxconn 10000
log 127.0.0.1 local0
defaults
log global
option tcplog
option logasap
timeout connect 500s
timeout client 5000s
timeout server 2h
timeout server-fin 5000s
timeout client-fin 5000s
timeout tunnel 1h
option tcpka
frontend sshd
bind *:22
default_backend ssh
timeout client 2h
backend ssh
mode tcp
server ssh2server 127.0.0.1:5000 check port 5000
Any pointers or help would be awesome. Thanks in advance.
EDIT
Runing haproxy in debug mode I have
00000000:sshd.accept(0004)=0005 from [my ip]
00000000:ssh.srvcls[0005:0006]
00000000:ssh.clicls[0005:0006]
00000000:ssh.closed[0005:0006].
On the tcplog
Oct 15 15:15:38 localhost haproxy[16036]: 128.277.13.23:51146 [15/Oct/2016:15:15:38.804] sshd ssh/ssh2server 1/0/+0 +0 -- 1/1/1/1/0 0/0
When i start apche server i am getting error like
[root#ram conf]# service httpd start
Starting httpd: httpd: apr_sockaddr_info_get() failed for ram
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
(13)Permission denied: make_sock: could not bind to address [::]:2244
(13)Permission denied: make_sock: could not bind to address 0.0.0.0:2244
no listening sockets available, shutting down
Unable to open logs
I am running it as root user .
How can i fix this ?
When /etc/httpd/conf/httpd.conf is configured so httpd listens on a port other than TCP ports 80, 443, 488, 8008, 8009, or 8443, the semanage port command must be used to add the new port number to SELinux policy configuration.
semanage port -a -t http_port_t -p tcp 12345
Run service httpd start again to start httpd and have it listen on the new port.
From The Apache HTTP Server and SELinux
I can able to connect postgres from terminal as well as python manage.py dbshell command
But when i'm trying to connect from apache i'm Getting error as follows.
Error : OperationalError: could not connect to server: Permission denied
Is the server running on host "192.168.1.10" and accepting
TCP/IP connections on port 5432?
My listen Address on postgress conf file is 192.168.1.10 Address
pg_hg_cong allowed host all all 192.168.0.0/24 trust
And also selinux turned httpd_can_network_connect_db on
Port is listening on 192.168.1.10:5432 on netstat output.
And database's are storing in /tmp directory
wxrwxrwx. 1 postgres postgres 0 Dec 18 07:40 .s.PGSQL.5432
-rw-------. 1 postgres postgres 50 Dec 18 07:40 .s.PGSQL.5432.lock
Actually I have enabled selinux httpd_can_network_connect_db parameters on db server instead of web server
So issue got solved after enabling httpd_can_network_connect_db on web server