Disable Port blocking on linux - linux

I have shut down iptables for my server, inspite of that when I check on http://www.yougetsignal.com/tools/open-ports/ it says my ports are not open.
Where do I have to specify to open ports. I am running a linux server

Is your server/PC behind a NAT router? If so, you may need to port forward the required ports to your server/PC. A helpful website for guides on how to do so (as it depends on your router model) is http://portforward.com/
If your server is not behind a NAT router or if you've verified you're port forwarding, is the application that's supposed to be listening on the specific port even running? Try this:
netstat -anp | grep <port number>
Netstat manual page: http://linux.die.net/man/8/netstat
If you can't find the port as listening on netstat, make sure that the application is running.

You need a server program (daemon) running on a machine listening on a port for that port to be open.

Setup the 'nmap' package on your server with 'yum install nmap -y' and check listening ports on your server:
nmap localhost
If you can see your port listening then you need to check your router for proper port forwarding, else you need to make sure that your application is working and listening for the port.
For the example, Apache2 will listen for port 80 by default.

Related

Can't use port 8080

When I'm trying to run a service (RavenDB) on port 8080 it stops and the Windows Logs show the following error:
System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.Net.HttpListenerException: Failed to listen on prefix 'http://+:8080/' because it conflicts with an existing registration on the machine.
Acccording to IIS and netstat -an | find "8080" the port is currently not in use.
If I change the port to any other, the problem disappears.
Port 8080 may actually be in use. To replicate another answer
netstat -a only lists connected sockets and listening socket.
-a Displays all connections and listening ports. Neither
connect nor listen was called on your socket, so it falls outside the
purview of netstat -a.
However, since Windows 10, you can use netstat -q.
-q Displays all connections, listening ports, and bound
You could also try to view the port using tcpview from the SysInternals suite. Sort by port number. It will also tell you the process using the port, which you can then kill.

nodejs timed out on all ports when hosting on godaddy server

I've trying to run my nodejs/expressjs application on my godaddy server, but any port I use times out. I've tried using the application on my local device and it works fine. I have a snippet of my connection below.
var app = express();
app.listen(8080, function() {
console.log("Listening on port " + 8080);
});
When I run the program through ssh, I get no errors
node index.js
Listening on port 8080
But when I go to the corresponding location in my browser, I get:
xxx took too long to respond.
ERR_CONNECTION_TIMED_OUT
I'm pretty sure it has to do with running on the godaddy server. If anyone has experience using this service with nodejs, is there a specific port I should be using, or is there any other setup I should do?
Do you have a VPS with GoDaddy right? So I assume you have also root access.
SSH into your GoDaddy server as root and check if the node.js app actually listens on that port:
netstat -tunlp | grep 8080
If you see any result there for the node.js app and that port then the port is open.
By default, there should be a firewall on your server which might block most of the ports and allows only the necessary incoming traffic.
You can check if there is any rule for that port by issuing the command bellow:
iptables -nvL | grep 8080
If any result is returned, then you have to add an iptables rule to allow access to that port. There are multiple methods to do that:
permit full access from your IP access to the server
permit your ip to access port 8080 on the godaddy server
permit outside world to access port 8080 on your server
You could read any iptables guy, it's pretty easy to add/edit/delete firewall rules. Most of the cPanel/WHM servers come with CSF Firewall (which is based on iptables and perl scripts).
In order to allow an ip address to your firewall (if you have CSF Firewall installed) you have to issue the following command:
csf -a ip-address
I hope that helps!

How can I find where node.js is running?

I have a VPS with node.js installed, I already uploaded a basic example to test it on the server, so I tried doing this:
I access by SSH, navigate to my project folder and run
node app.js
I get this message
Express server listening on port 8080
I thought i could see my app here
example.com:8080 or server.example:8080... but nothing. Then I tried with the info from os.networkInterfaces(); and os.host(); and still nothing happen
could you help me out? as you can see I am a total noob on node.js. What I'm doing wrong? or what should I do before running my app? Something related to DNS's? i have no idea
How do you ssh to your host? with ip or name? Is it something like:
ssh root#example.com
if so then at least you know your DNS is ok.
Once on the server do a
netstat -a
if you find *:8080 then your server is listening in the default ip. If you see something like 12.23.45.67:8080 then this number is the ip your server is listening.
ifconfig
will give you the servers ip. This should be the same as the ip of example.com. If not then maybe there is some router/firewall in front of your server and you have to configure that to allow port 8080 to reach your server.
if someone ever has the same problem this is how i solved on CentOS:
Open this file
/ Etc / csf / csf.conf
Add the required port
Allow incoming TCP ports
TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995,26"
Allow outgoing TCP ports
TCP_OUT = "20,21,22,25,37,43,53,80,110,113,443,587,873"
Restart
# # Csf-r

Enable HTTP TCP connection requests in Arch Linux for neo4j

My laptop is running a local neo4j server. I can use it with localhost:7474 but when i try connecting it with 192.168.1.12:7474 it is unreacheable.
Turns out linux is blocking connections other than web server port 80. Because i can access my Apache server on 192.168.1.12/
I am trying to allow TCP connections on port 7474 by using
iptables -A TCP -p tcp --dport 7474 -j ACCEPT
but it gives a response as -
iptables: No chain/target/match by that name.
How can i make other clients access neo4j server running at my laptop on port 7474. My laptop IP addr is 192.168.1.12.
I doubt that it is blocking it. Probably your neo4j server is only running at 127.0.0.1. You can check this out with netstat -nplt: you will probably see something (the apache) listening on 0.0.0.0:80 or :::80 (e.g. catchall address) but on port 7474 you will probably only see 127.0.0.1:7474 or ::1:7474. If this is the case you need to reconfigure your neo4j server to listen not only on localhost (don't know how, checkout the documentation).
Okay. I had uncommented the webserver address line but it still wasn't working.
So i reinstalled neo4j. That solved it. Weird but worked.

netstat commands to run on unix server, what commands should I use for my use-case and why?

Sorry in advance for such a noob question, but I'm certainly a noob.
My question is what does it mean to LISTEN or ACCEPT on a port as it relates to my example?
EXAMPLE:
I have a tomcat server, and It will use port 8080. I want to make sure that port is available for me to use.
What commands should I perform on my unix server and why?
what information would a command like this give me: netstat -an | grep LISTEN
If a port shows up as LISTEN in netstat, it means the port is in use by a server process, so you can't use it. Here is an example:
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
which shows that port 631 is in use.
Ignore the UNIX type sockets at the end - they are irrelevant.
For checking port 8080 is in use or not, you can simply use the command netstat -an|grep 8080. If you get an output in below format, that means 8080 is already in use and you need to assign a new port for the tomcat.
# netstat -an
tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN
Netstat command displays various network related information such as network connections, routing tables, interface statistics, masquerade connections, multicast memberships etc,
a option with netstat will give you both listening and non listening ports
n option when you don’t want the name of the host, port or user to be displayed, use netstat -n option. This will display in numbers, instead of resolving the host name, port name, user name. This also speeds up the output, as netstat is not performing any look-up.
For more understand the use of netstat command here are its options:
-a : All ports
-t : Ports TCP
-u : Ports UDP
-l : Listening ports
-n : IP address without domain name resolution
-p : Name of the program and it associated PID
So:
-To display all port (TCP & UDP), PId with the associated name of the program :
$ netstat -paunt
-To display all Listening ports (TCP), PId with the associated name of the program : (and we can also filter with the grep command)
$ sudo netstat -plnt | grep ':80'
I hope it will be helpful :)
You can also use telnet to check if the port is open and listening e.g,
Zeeshan$ telnet google.com 80
Trying 173.194.35.5...
Connected to google.com.
Escape character is '^]'.
I am telnetting google.com on port 80. If you see the third line in the output, you will notice it says it is connected with the Google's web server. The same way you have a JAVA application server called Tomcat and it is listening on port 8080. In fact it is asking clients to connect to it on port 8080 so it can give away the JAVA services to client. When I will use from a client side telnet localhost 8080 I will be connected the same way I have connected with Google's web server on port 80. Provided that Tomcat is running and listening on port 8080. If port 8080 is not free and occupied by some other application you can simply change the port 8080 to another free port. Telnet should give you the following status:
accepted (connected), refused, and timeout
connection refused - nothing is running on that port
accepted - some application is running on the port
timeout - a firewall is blocking access
So now there are two possible ways to check. From the same machine you are running Tomcat server:
telnet localhost 8080
Of if you want to check it from some other machine or outside of the network:
telnet 192.168.1.1 8080
I hope that helps.
use can also run the below command, it will list the Port and corresponding PID, if any process is using those ports
netstat -tulpn

Resources