cannot open up port using iptables to use rstudio server - linux

I am currently trying to open port 8787 for rstudio server. I have set this up on an ubuntu host, and want to point my browser at the ip address of the ubuntu host, using port 8787 to direct it to rstudio. I can do this from the host machine, but no such luck using a different computer.
When I do
netstat - peantl | grep ":8787"
I get nothing returned, unlike when checking port 22 which is confirmed as listening. I can there ssh from external machines into the ubuntu host.
So I tried to open up port 8787 with iptables:
sudo iptables -A INPUT -p tcp --dport 8787 -j ACCEPT
command runs fine, but then re-checking with netstat I still do not get any output (I was expecting similar output to port 22 as mentioned previously)
I also allowed port 8787 on ufw:
sudo ufw allow 8787
using gufw it confirms port 8787 is open.
What could be the issue? If my network has restricted port 8787 how can I tell? Am I allowing port 8787 correctly with iptables?
Thanks.

All your iptables and ufw commands are doing is opening ports in the firewall itself. The fact that there is no output from the netstat|grep line means that the rstudio software does not actually have the port open for anyone to connect to. This is the issue you need to fix first.

Related

How does one open a tensorboard port in Linux?

I have some tensorboard data and I want my server to let me see the data. I don't want to have to send the tensorboard data files to my computer, so it would be ideal if I can just access them remotely. How does one do that? I would assume that the server would just host it as a normal website? What are the Tensorboard commands for this?
I know that locally one can do:
tensorboard --logdir=path/to/log-directory
and then go to the browser to do:
http://localhost:6006/
but is it possible to the equivalent from a server and then just read the data in my local browser/computer from the server?
Assuming that there is no firewall preventing access to port 6006 from the outside, and that your server's address is server.example.com you should be able to simply type http://server.example.com:6006 into your browser and have it work.
In case of a restrictive firewall, tunneling the tensorboard port over SSH using Local Port Forwarding is a good approach (this is also more secure than opening random ports publicly). When logging in to your server, you could type (for instance):
ssh -L 12345:localhost:6006 server.example.com
After that, start tensorboard on the server as usual, and you will be able to access it at http://localhost:12345 in your browser.
mvoelske instructions for setting up port forwarding are correct. If you have administrative privileges on the machine, you can open port 6006 to your IP address using the following commands:
$ sudo iptables -A INPUT -p tcp -s <insert your ip> --dport 6006 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
$ sudo iptables -A OUTPUT -p tcp --sport 6006 -m conntrack --ctstate ESTABLISHED -j ACCEPT
The iptables change can be saved with the following command:
$ sudo service iptables save
Note that this is for CentOS v6 and below. CentOS v7 and above used Firewalld by default.
If you have reached this stackoverflow question because you are troubleshooting a previously working TensorBoard setup, you might consider adding the --bind-all flag to your command line.
$ tensorboard --logdir=path/to/log-directory --bind-all
This resolved my problem reaching TensorBoard by URL within an internal network.
http://my_server.company.com:6006

Cannot connect to google compute engine virtual machine by vnc

I have created a debian wheezy virtual machine in google compute engine but I am unable to connect to it with vnc.
Here is what I have done
Installed gnome and the rebooted the VM
install tightvncserver and started it
I have tried to connect using the static ip that I've attached to the VM but I'm getting the error: "the connection was refused by the host computer".
I thought it was the firewall that was the issue so I disabled iptable using the following commands
$ sudo iptables-save > /root/firewall.rules
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
and I have created rules in google firewall to allow ports 0-65535 for tcp and udp but it still does not work.
Anyone knows how to do it?
Thanks in advance
By default, all incoming traffic from outside a network is blocked and no packet is allowed into an instance without an appropriate firewall rule. To allow incoming network traffic, you need to set up firewall rules to permit these connections:
start the VNC service
look at VNC server settings or netstat -nap to find out the listening port of vnc server
under Google Developer console -> Compute Engine -> Networks -> default -> Firewall rules
create a new rule and open appropriate ports for incoming vnc connections.
VNC uses by default port 5901. In the 'VNC server' field, specify the ip address and the port 5901.
Example: VNC ***Server: 123.123.123.123:5901
Encryption: let VNC Server choose***
Be aware that the free edition of VNC doesn't support encryption, it only encrypts your user name and password. One thing also to configure is /etc/sysconfig/vncservers file where you have to specify the user and the port that VNC server should listen to, and make sure it's not commented
Example:
VNCSERVERS="1:USERNAME"
VNCSERVERAR0GS[1]="-geometry 800x600 -listen tcp -5901"

Cannot access app engine application from LAN

I added the --address=0.0.0.0 to GAE arguments in eclipse.
From the same machine I can access the server with:
http://192.168.1.7:8888/createUser.html
http://localhost:8888/createUser.html
http://0.0.0.0:8888/createUser.html
http://127.0.0.1:8888/createUser.html
However if I try to access it from an Android device on the same LAN through http://192.168.1.7:8888/createUser.html I get an "Oops!".
The Android device can ping 192.168.1.7 and vice versa.
I'm using Linux and I don't have any firewall. What's the solution?
Thank you.
EDIT: I also tried to access the page from another PC in the same LAN but didn't work. I also tested the port using telnet: it works from the machine but doesn't work from other devices in the same LAN.
The solution is to open the port 8888 using this command:
sudo /sbin/iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 8888 -j ACCEPT

Enable HTTP TCP connection requests in Arch Linux for neo4j

My laptop is running a local neo4j server. I can use it with localhost:7474 but when i try connecting it with 192.168.1.12:7474 it is unreacheable.
Turns out linux is blocking connections other than web server port 80. Because i can access my Apache server on 192.168.1.12/
I am trying to allow TCP connections on port 7474 by using
iptables -A TCP -p tcp --dport 7474 -j ACCEPT
but it gives a response as -
iptables: No chain/target/match by that name.
How can i make other clients access neo4j server running at my laptop on port 7474. My laptop IP addr is 192.168.1.12.
I doubt that it is blocking it. Probably your neo4j server is only running at 127.0.0.1. You can check this out with netstat -nplt: you will probably see something (the apache) listening on 0.0.0.0:80 or :::80 (e.g. catchall address) but on port 7474 you will probably only see 127.0.0.1:7474 or ::1:7474. If this is the case you need to reconfigure your neo4j server to listen not only on localhost (don't know how, checkout the documentation).
Okay. I had uncommented the webserver address line but it still wasn't working.
So i reinstalled neo4j. That solved it. Weird but worked.

node.js on VirtualBox CentOS machine, no connection?

I've setup a CentOS 6.3 Box in a VirtualBox Machine, installed node.js and npm and wrote an example 'Hello World' Application which listens on port 8080 and IP '192.168.10.132' (this is the IP of the CentOS machine). The server starts correctly, but under 192.168.10.132:8080 on my host machine (Mac OS X 10.0.7) I always get an error.
Did I something wrong?
Generally I run into issues like this because I have not opened the port in iptables.
The following command will add the port to iptables
iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT -m comment --comment "node.js port"
Then make sure to save your current config.
service iptables save
then you'll need to restart iptables
service iptables restart
For more info, check out the iptables docs here: http://wiki.centos.org/HowTos/Network/IPTables

Resources