I have got installed CentOS 7 under virtual envirment.
It has proper hostname so I can ping it and it has acccess to internet inside of it and I can ping by IP and host name outside of it. Also It has working Apache and its test page is fine that has been checked locally.
Now I would like to get access to this test page from the MS Windows but I cannot. (I can ping CentOS by IP and hostname.)
Has it something to do with Iptables or firewall?
And this link doesnt help as well https://serverfault.com/questions/459267/enabling-http-access-on-port-80-for-centos-6-3-from-console
I assume some settings should be changed under CentOS but I am not sure which of them.
My question is which steps I have to execute to allow all those things?
Either disable firewalld.service
systemctl disable firewalld.service
systemctl stop firewalld.service
Or allow access to port 80
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --reload
Also disable SELINUX:
setenforce 0
sed -i 's/^SELINUX=enforcing/SELINUX=disabled/' /etc/sysconfig/selinux
So the answer is a simple one.
I just used Firewall settings to allow http and httpd.
Related
On Ubuntu if I use the command: sudo disable ufw then it can access my server on any port.
Once I enable firewall again then I run command: sudo ufw allow 9090/tcp then I start my spring boot website on port 9090. Now I use the command: curl http://server_id:9090 => It still block me. If I disable firewall then It can run
Who know root cause? How can I enable firewall and allow on a particular port.
Thanks
I have set up a VM in azure with Redhat Linux OS, I have installed Httpd service and placed a static webpage to access.
I am not able to access my VM via browser with public IP set on my VM. Although, I am able to ssh into the machine.
Steps I have already tried:
Set an inbound rule on the network security group for port 80, 443, 22(ssh).
Attached this NSG to both VNET & NIC but no luck.
Tried the same in AWS EC2 instance it works like a charm. Not sure why Azure is not that straight forward.
Tried to find the solution online and documentation but no luck.
Please help if you have any idea how can I access my app via a browser.
Please check, if SELINUX is configured correctly
Redhat reference here: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/managing_confined_services/chap-managing_confined_services-the_apache_http_server
Thanks,
Manu
Thanks Manu for your suggestion. But I found that Linux firewall was blocking it. So here is what I did:
Since I am using RHEL 8, the inbuilt firewall is via Firewalld not iptables(which is there for RHEL 6 and before).
1- By default, only port 22 open in firewalld. "firewall-cmd --list-all" command will show the details.
2- Added HTTP port. By using below 2 commands
$ sudo firewall-cmd --zone=public --add-service=http --permanent
$ sudo firewall-cmd --reload
3- Verify the change by using any of the below commands:
$ sudo firewall-cmd --list-services
$ sudo firewall-cmd --list-services --permanent
Please refer this link for more details:
https://www.cyberciti.biz/faq/configure-set-up-a-firewall-using-firewalld-on-rhel-8/
I am a starting level at linux...
I got node JS to listen to port 80 and everything works well.
But when trying different ports it doesn't work.
Firewalld is not enabled...
and when trying in the browser I try localhost:8080
Any Ideas?
Stop firewall if already running
sudo systemctl stop firewalld
Check the status of iptable
If not already installed then install it using
yum install iptables-services
sudo systemctl status iptables
Enable the service at boot-time:
systemctl enable iptables
Managing the service
systemctl [stop|start|restart] iptables
Saving your firewall rules can be done as follows:
service iptables save
Start and Enable Firewall with this command
sudo systemctl start firewalld
sudo systemctl enable firewalld
Configure firewall and add Ip and range of ports to be enabled (optional)
firewall-cmd --add-rich-rule='rule family="ipv4" source address="10.0.0.0/8" port port="11224-12224" protocol="tcp" accept'
The above command takes the range of IPs and ports. You need to replace the IP and port range in the above command, make sure to change the x.x.x.x/n , here n is the number of ports.
I try to access my node.js server running on Ubuntu. My PC is connected with TP-link router. Now, I want to access node services from other IP(not from my local host or local IPs). What can I do? I used following code.
Note: This server works fine and accessible from local IP but can't access from my public IP
http.listen(6000,"0.0.0.0",function(){
log.info("server started");
})
You have to use :-
iptables -A OUTPUT -p tcp --sport 8080 -j ACCEPT
for the outgoing rule (not dport). Apart from that, maybe there's an earlier rule that blocks the traffic? Try iptables -L.
Ubuntu have very good firewall and default system is not allow to external IP to response
In express and node js or any server like that
http.listen(6000,"0.0.0.0",function(){
log.info("server started");
})
It will work on your IP, localhost and public IP
but on external IP can't access it
first of all replace
localhost -> 0.0.0.0
when you want to run frontend and backend simultaneously
then it is better to use public IP directly instead of 0.0.0.0
If you are using ubuntu then we need to change in firewall settings using ufw
UFW is installed by default on Ubuntu. If it has been uninstalled for some reason, you can install it with apt-get:
sudo apt-get install ufw
then
sudo nano /etc/default/ufw
check this line and make it yes
IPV6=yes
save file using Ctrl-X to exit the file, then shift + y to save the changes that you made, then ENTER
At any time, you can check the status of UFW with this command:
sudo ufw status verbose
By default, UFW is disabled so you should see something like this:
Output:
Status: inactive
Not most important point
sudo ufw allow portNumber // here portNumber is port-number in integer
in your case
sudo ufw allow 6000
and allow
sudo ufw allow http
for more rules and firewall on ubuntu click here
I know a little about Linux. Today I created a VPN server on my Ubuntu installation according to Set up a simple IPsec/L2TP VPN server for Ubuntu, Arch Linux and Debian.
But when I finish the installation, I use my iPhone to connect the IPsec VPN, bur it shows the VPN Server has no response.
The GitHub document shows
Ports 1701, 500 and 4500 must be opened for the VPN to work!
So I have tried to open these ports on my Ubuntu server.
I use the iptables command to open these ports, but it failed. Maybe I don't known how to use this command correctly. How can I open these ports on my Ubuntu server?
And if these ports have been opened successfully, can it be proved by the Windows CMD window through telnet'ting the port?
Ubuntu these days comes with UFW - Uncomplicated Firewall. UFW is an easy-to-use method of handling iptables rules.
Try using this command to allow a port:
sudo ufw allow 1701
To test connectivity, you could try shutting down the VPN software (freeing up the ports) and using netcat to listen, like this:
nc -l 1701
Then use telnet from your Windows host and see what shows up on your Ubuntu terminal. This can be repeated for each port you'd like to test.
If you want to open it for a range and for a protocol
ufw allow 11200:11299/tcp
ufw allow 11200:11299/udp