Azure Ubuntu VM application only able to connect on port 80 - node.js

I have an Ubuntu16.04 VM on Azure, and am trying to run a node server on it. When I bind the port to 80, I am able to access it from my browser (http://a.b.c.d:80). However, if I try to instead bind the server to a different port, such as 3300 or 8080, the browser times out when trying to connect to it. (http://a.b.c.d:3300)
I have ensured that:
There exists an inbound security rule for port 3300 in the NSG
The windows firewall of the machine of the browser allows port 3300 (I have even tried temporarily turning it completely off but to no avail)
I am not using an azure load balancer
I am starting node with root privileges
Node is bound to (port, "0.0.0.0")
I am listening on the correct port (I think?)
netstat -ant | grep 3300 gives
tcp6 0 0 :::3300 :::* LISTEN
I have spent a few hours now researching on the internet how to get it to work and tried everything I could find, but to no avail. If anyone has any input i'd be happy to try it out.

Jason was correct, it was a ufw issue. If anyone comes across this question in the future, I solved it with the command
sudo ufw allow proto tcp from any to any port 3300

Related

Is my network port available to the outside world?

Background
First time working with Azure. I'm deploying a database server (ClickHouse) onto a VM hosted in Azure, and have it started up fine. The VM is running Ubuntu. The database server's default ports are localhost port 9000 for TCP (used by the command line client) and 8123 for HTTP (used by application clients).
Issue
The db server should be listening on the server's default http port (8123). However, when I try to connect, it just hangs. Based on the below steps, I don't think the network request is making it to the server.
Steps I've tried
Started the containerized version on my local machine and used the exact same curl command to run a simple SELECT 1 query against it (http://localhost:8123). This succeeds and proves to me that the request is not malformed.
Verified that the server is responsive via the local client on the VM (while SSH'ed in)
Added my IP address and the port in the VNET's "inbound port rules". I've been able to access my public IP via SSH after adding a similar rule for that.
my ip is valid irl
$ telnet my.public.ip.address 8123 <- obviously with the actual ip in there. this hangs as well
While SSH'ed in, I've run $ ss -atn | grep 8123 and see:
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 4096 127.0.0.1:8123 0.0.0.0:*
LISTEN 0 4096 [::1]:8123 [::]:*
I'm not an expert at the network component of this. I think this means the server is listening to 8123 on localhost as well as all other addresses. I take that latter part to mean that it should be exposed publicly. I also believe LISTEN means it is ready to accept connections, but no connections are currently open.
Any ideas?
LISTEN 0 4096 127.0.0.1:8123
0.0.0.0:*
expected:
LISTEN 0 4096 *:8123 *:*
Your Clickhouse listens localhost only
solution:
cat /etc/clickhouse-server/config.d/port.xml
<?xml version="1.0"?>
<yandex>
<listen_host>::</listen_host>
</yandex>
and restart CH.

Why my website hosted on aws refuses to connect?

I have a node app which runs on localhost perfectly, I hosted it on AWS ec2 instance on port 80 and it worked fine too, after 7 days of inactivity when I searched public IP address of my ec2 instance(on any browser), it says <public_ipv4> refused to connect.
Here are a few things I did for troubleshooting which I read from AWS forums but not getting any luck:
deleted the node_modules/ directory and reinstalled using npm
install command
Have correctly allowed HTTP traffic on port 80 inside inbound rules of security groups for that instance(i have only one instance running)
Ran netstat -nplt | grep 80 , which gave me output :
tcp6 0 0 :::80 :::* LISTEN
I have added a script in package.json file, through which app.js file will run
In my app.js file i am listening to port 80:
app.listen(80, async function(){
console.log("server has started");
})
What else am I missing?
Screenshot of inbound rules :
it seems you have allowed only IP v6 address on Inbound traffic of Security Groups..
Not added allow permission for IPv4 address..
Add below rule
HTTP tcp 0.0.0.0/0 80
if you have added both rule ( IPV4 and IPV6) then
sudo netstat -tnlp | grep :80
should show below both lines..
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp6 0 0 :::80 :::* LISTEN
but in your case it showing only tcp6
See if the steps below helps.
Did you stop your ec2 instance start and it again if you did it would have changed your public ip if that is case use the new public ip.
Check your security groups attached to the ec2 instance if it allows in bound traffic on port 80.
If the first step does not work connect to your ec2 instance and run a curl command to see if your app is running.
In my app.js file i have used port 80 :
app.listen(80, async function(){
console.log("server has started");
})
but when i changed port number to 3000 in app.listen , it worked , i dont't know how did this happen though.
There was no issue with security groups.

Azure resource manager windows VM accessing endpoints from internet not working

I have installed mirthconnect on windows virtual machine in azure resource manager. I am able to access admin console with http://localhost:8080 .But same is not accessible from internet. I have added endpoints in network security.
Is there any other configuration I am missing here ?
I am able to RDP to the machine . I have tried with source as * and destination as * also . But still no luck.
I am not able to telnet also with the VM public IP and the given ports.
Connect to your Virtual Machine, Open the Firewall Advanced Settings and add an exception for the port 8080 as the EndPoint Configuration doesn't do that for you
Did you allow 8080/TCP from anywhere, for all profiles in Windows Firewall?
Is you daemon listening on 0.0.0.0 or just 127.0.0.1?
netstat -ban
should give you the answer there.
e.g.
[spoolsv.exe]
TCP 0.0.0.0:1540 0.0.0.0:0 LISTENING
[lsass.exe]
TCP 0.0.0.0:2179 0.0.0.0:0 LISTENING
[vmms.exe]
TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING
If you're only listening on localhost (127.0.0.1) you need to address the configuration of your daemon and then restart it.

How can I find where node.js is running?

I have a VPS with node.js installed, I already uploaded a basic example to test it on the server, so I tried doing this:
I access by SSH, navigate to my project folder and run
node app.js
I get this message
Express server listening on port 8080
I thought i could see my app here
example.com:8080 or server.example:8080... but nothing. Then I tried with the info from os.networkInterfaces(); and os.host(); and still nothing happen
could you help me out? as you can see I am a total noob on node.js. What I'm doing wrong? or what should I do before running my app? Something related to DNS's? i have no idea
How do you ssh to your host? with ip or name? Is it something like:
ssh root#example.com
if so then at least you know your DNS is ok.
Once on the server do a
netstat -a
if you find *:8080 then your server is listening in the default ip. If you see something like 12.23.45.67:8080 then this number is the ip your server is listening.
ifconfig
will give you the servers ip. This should be the same as the ip of example.com. If not then maybe there is some router/firewall in front of your server and you have to configure that to allow port 8080 to reach your server.
if someone ever has the same problem this is how i solved on CentOS:
Open this file
/ Etc / csf / csf.conf
Add the required port
Allow incoming TCP ports
TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995,26"
Allow outgoing TCP ports
TCP_OUT = "20,21,22,25,37,43,53,80,110,113,443,587,873"
Restart
# # Csf-r

amazon ec2 service(linux) cannot use tomcat7 or 6

i just use yum install tomcat7 to setup the tomcat7 and change the port, in the /usr/share/tomcat/conf/server.xml from 8080 to 80 and service tomcat6 start, it works fine.
but when i do the netstat -nlp, there is no 80 port, and also other cannot visit the 80 port
try to create ROOT, i think you did not create it yet, that way make your website unavaialbel.
When you do netstat it typically will show you http, not 80: this is because 80 is bound to http in /etc/services. You'll see something like this:
tcp 0 0 *:http *:* LISTEN
Assuming you're not experiencing a Tomcat error, make sure that you've set up the EC2 security group to allow access to port 80. Look at this for a decent treatment.
EDIT: if 8080 works but 80 doesn't then it is either:
Some other program (such as Apache) sitting on port 80.
You're probably not running with the right privileges. On most Linux distributions you need to be the root user (or running as a system process) to access ports numbered less than 1023

Resources