I'm trying to run a dns server using dnsmasq which by default binds to port 53 and so requires sudo. I'm wondering if I can just run it on any unreserved port (9999) and setup a rule to forward traffic from port 53 to 9999? I'm guessing it might not work seeing as by default 53 is not open, so I would likely need something listening on port 53 that would forward the traffic to port 9999?
Configuring dnsmasq to listen on port 9999 is done by adding line port=9999 to /etc/dnsmasq.conf and restarting the service service dnsmasq restart.
As per your other question about having another something listening on port 53 only to forward to port 9999, well you can certainly write a daemon to do that, and binding it to port 53 will require that you have privilege to bind to port 53 in the first place, so in your case I don't know if that's possible. Then again, if you could do that obviously you'd bind dnsmasq to port 53 in the first place...
So if your dnsmasq is listening on port 9999, you need to point your traffic to that port, wherever that traffic is coming from.
Related
I have an Ubuntu16.04 VM on Azure, and am trying to run a node server on it. When I bind the port to 80, I am able to access it from my browser (http://a.b.c.d:80). However, if I try to instead bind the server to a different port, such as 3300 or 8080, the browser times out when trying to connect to it. (http://a.b.c.d:3300)
I have ensured that:
There exists an inbound security rule for port 3300 in the NSG
The windows firewall of the machine of the browser allows port 3300 (I have even tried temporarily turning it completely off but to no avail)
I am not using an azure load balancer
I am starting node with root privileges
Node is bound to (port, "0.0.0.0")
I am listening on the correct port (I think?)
netstat -ant | grep 3300 gives
tcp6 0 0 :::3300 :::* LISTEN
I have spent a few hours now researching on the internet how to get it to work and tried everything I could find, but to no avail. If anyone has any input i'd be happy to try it out.
Jason was correct, it was a ufw issue. If anyone comes across this question in the future, I solved it with the command
sudo ufw allow proto tcp from any to any port 3300
I have shut down iptables for my server, inspite of that when I check on http://www.yougetsignal.com/tools/open-ports/ it says my ports are not open.
Where do I have to specify to open ports. I am running a linux server
Is your server/PC behind a NAT router? If so, you may need to port forward the required ports to your server/PC. A helpful website for guides on how to do so (as it depends on your router model) is http://portforward.com/
If your server is not behind a NAT router or if you've verified you're port forwarding, is the application that's supposed to be listening on the specific port even running? Try this:
netstat -anp | grep <port number>
Netstat manual page: http://linux.die.net/man/8/netstat
If you can't find the port as listening on netstat, make sure that the application is running.
You need a server program (daemon) running on a machine listening on a port for that port to be open.
Setup the 'nmap' package on your server with 'yum install nmap -y' and check listening ports on your server:
nmap localhost
If you can see your port listening then you need to check your router for proper port forwarding, else you need to make sure that your application is working and listening for the port.
For the example, Apache2 will listen for port 80 by default.
I'm having trouble accessing my website through HTTP with an EC2 instance. I've tried changing the security setting by allowing HTTP on port 80, but it still doesn't work. SSH however is working fine. What could be the issue?
This is embarrassing, but the reason I couldn't connect to my EC2 instance was because my node js app never actually started a server for me to listen on port 80.
Adding this simple snippet of code
var server = app.listen(8080, function () {
var host = server.address().address
var port = server.address().port
console.log('Example app listening, host, port)
})
Along with this shell command for redirecting fixed the issue.
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to 8080
Could check ip-tables if it is blocking 80, check the security group if the TCP for PORT 80 is open to your IP address or ( 0.0.0.0/0 ).
Given that you are able to SSH but not http, check if you can replicate the same settings in the SG which has the config for SSH 22 - also kindly look if the web-server ( or process ) is up and running in PORT 80.
First, login that instance, and run the command to confirm http service is running.
telnet INSTANCE_public_DNS_name 80
Then run the same command for your remote machine to confirm if there are any firewall issues.
If there is problem to telnet, then click the instance name, and go to description --> Security groups --> view rules.
You should see the port opened. If not, create a new security group or edit exist security groups, and assign to that instance.
I have a node.js server listening on port 4000
how can I redirect my domain name: www.mydomain.com to a ip and port? The domain provider only allows an ip address without a portnumber in the redirection field. If I do a URL redirect, then the name of my side is not shown.
Please let me know how can I redirect it to my domain?
121.12.12.123:4000 redirect to www.mydomain.com
HTTP requests usually come in on port 80. When you type in a domain and do not specify a port, it automatically connects to port 80. You have a few options. You can run your Node.js server as root and have it listen on port 80, but it's not recommended.
You can also setup a Nginx on port 80 and use it to reverse proxy requests to your Node.js process which is listening on port 4000, but this introduces another component in your stack to manage and introduces a little bit of overhead for each request.
The way I prefer to handle this is to setup a redirect in iptables (assuming you're using Linux).
sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 4000
That will redirect all traffic from port 80 to port 4000, where you're listening Node.js process is.
That allows you to run your Node.js process as an unprivileged user, but still answer requests on port 80.
Once you've done that than you can simply point your domain to the IP address of the server and normal web requests should work. Just be sure you have port 80 open on any firewalls first.
try this code
var httpProxy = require('http-proxy');
httpProxy.createProxyServer({target:'http://localhost:4000'}).listen(80);
i just use yum install tomcat7 to setup the tomcat7 and change the port, in the /usr/share/tomcat/conf/server.xml from 8080 to 80 and service tomcat6 start, it works fine.
but when i do the netstat -nlp, there is no 80 port, and also other cannot visit the 80 port
try to create ROOT, i think you did not create it yet, that way make your website unavaialbel.
When you do netstat it typically will show you http, not 80: this is because 80 is bound to http in /etc/services. You'll see something like this:
tcp 0 0 *:http *:* LISTEN
Assuming you're not experiencing a Tomcat error, make sure that you've set up the EC2 security group to allow access to port 80. Look at this for a decent treatment.
EDIT: if 8080 works but 80 doesn't then it is either:
Some other program (such as Apache) sitting on port 80.
You're probably not running with the right privileges. On most Linux distributions you need to be the root user (or running as a system process) to access ports numbered less than 1023