can't get http from tomcat on guest vm (nat connection) - linux

I have CentOS running on a guest machine (using virtualbox, connection over nat).
And there's tomcat running on this machine on port 8080.
<Connector port="8080" protocol="HTTP/1.1" address="0.0.0.0"
connectionTimeout="20000"
redirectPort="8443" />
There's port forwarding from host to guest
host 2222, guest 22 (ssh)
host 40001, guest 8080
I try to get page from http://localhost:8080
If I connect from host via ssh and do curl localhost:8080 I get an html page.
But if I try to get http://localhost:40001 via browser, it becomes infinitely loading.
netstat -an | find "40001" on host machine shows
C:\Users\user>netstat -an | find "40001"
TCP 0.0.0.0:40001 0.0.0.0:0 LISTENING
TCP 127.0.0.1:30279 127.0.0.1:40001 FIN_WAIT_2
TCP 127.0.0.1:40001 127.0.0.1:30279 CLOSE_WAIT
If I try to telnet on host machine (telnet localhost 40001) the connection is ok.
If I try to get a netstat on guest, I get this
[aegis@localhost ~]$ netstat -an | grep LISTEN | grep tcp
tcp 0 0 127.0.0.1:8005 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:8009 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp6 0 0 :::22 :::* LISTEN
tcp6 0 0 ::1:25 :::* LISTEN
I can't figure out why telnet from host is working, but I can't get a page via browser. Could you help me, where I've made a mistake in configuration?

At first, I was discouraged because of working "telnet localhost 40001 from host machine".
But there's difference between 22 and 8080 ports.
22 port is opened by default.
8080 port is not.
If you'll have such a problem, you should allow the firewall connection over 8080 port.
E.g., you can execute this statement:
iptables -I INPUT 1 -i eth0 -p tcp --dport 8080 -j ACCEPT
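
Why the rule is inserted at position 1 rather than appended: iptables evaluates a chain top to bottom and the first terminal match wins. The script below is an added example, not part of the original answer; it walks a constructed ruleset modelled on a stock CentOS iptables configuration (an assumption, since the question does not show the guest's actual rules), and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: first-match walk of an INPUT chain (`iptables -S` form) for a
# NEW inbound TCP connection. Only the match types used below are modelled.

# Usage: verdict_for_port PORT IFACE < rules  -> prints "<TARGET> <rule number>"
verdict_for_port() {
    awk -v port="$1" -v iface="$2" '
    $1 == "-P" && $2 == "INPUT" { policy = $3; next }
    $1 != "-A" || $2 != "INPUT" { next }
    {
        n++; ok = 1; target = ""
        for (i = 3; i <= NF; i++) {
            if ($i == "-i" && $(i+1) != iface) ok = 0
            if ($i == "-p" && $(i+1) != "tcp") ok = 0
            if ($i == "--dport" && $(i+1) != port) ok = 0
            # a brand-new connection is neither RELATED nor ESTABLISHED
            if (($i == "--state" || $i == "--ctstate") && $(i+1) !~ /(^|,)NEW(,|$)/) ok = 0
            if ($i == "-j") target = $(i+1)
        }
        if (ok && target ~ /^(ACCEPT|DROP|REJECT)$/) { print target, n; hit = 1; exit }
    }
    END { if (!hit) print policy, "policy" }'
}

# Constructed sample modelled on a stock CentOS iptables ruleset (assumption:
# the question does not show the guest's real rules).
base_rules() {
    cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
EOF
}

NEW_RULE='-A INPUT -i eth0 -p tcp -m tcp --dport 8080 -j ACCEPT'
# iptables -A would put the new rule after the catch-all REJECT ...
appended() { base_rules; echo "$NEW_RULE"; }
# ... while iptables -I INPUT 1 (the answer's command) puts it first.
inserted() { base_rules | sed 1q; echo "$NEW_RULE"; base_rules | sed 1d; }

echo "8080 via lo,   stock:    $(base_rules | verdict_for_port 8080 lo)"
echo "8080 via eth0, stock:    $(base_rules | verdict_for_port 8080 eth0)"
echo "8080 via eth0, appended: $(appended | verdict_for_port 8080 eth0)"
echo "8080 via eth0, inserted: $(inserted | verdict_for_port 8080 eth0)"
```

The loopback result shows why curl inside the guest succeeded while traffic arriving on eth0 did not. Scoping the ACCEPT to one interface and one port, as the answer's rule does, keeps the rest of the chain's default-deny behaviour intact.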

Related

Why can't I talk to a service on tcp/3000 on my CentOS VPS

I'm trying to run a second web service on my VPS at port 3000.
On the VPS I run:
# php -S myhost.com:3000
and then in a browser, navigate to http://myhost.com:3000 but the browser times out and the service logs/outputs nothing.
If I run the service on port 80 (i.e., php -S myhost.com:80 and navigate to http://myhost.com), it works.
So firewall. Except that:
[root@spinal ~]# firewall-cmd --list-ports
3887/tcp 3000/tcp
(the 3887 is another service, which is working correctly.) And I rebooted the VPS after setting up port 3000 in the firewall. I reckon the service is listening correctly because:
[root@spinal ~]# netstat -tupl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:imap 0.0.0.0:* LISTEN 1907/dovecot
tcp 0 0 0.0.0.0:ciphire-data 0.0.0.0:* LISTEN 1876/sshd
tcp 0 0 0.0.0.0:http 0.0.0.0:* LISTEN 1903/nginx: master
tcp 0 0 0.0.0.0:urd 0.0.0.0:* LISTEN 2004/master
tcp 0 0 myhost.com:hbci 0.0.0.0:* LISTEN 2206/php
tcp 0 0 localhost.loca:postgres 0.0.0.0:* LISTEN 1908/postgres
tcp 0 0 0.0.0.0:smtp 0.0.0.0:* LISTEN 2004/master
tcp 0 0 0.0.0.0:https 0.0.0.0:* LISTEN 1903/nginx: master
tcp 0 0 0.0.0.0:imaps 0.0.0.0:* LISTEN 1907/dovecot
tcp 0 0 localhost.lo:cslistener 0.0.0.0:* LISTEN 1878/php-fpm: maste
tcp6 0 0 [::]:imap [::]:* LISTEN 1907/dovecot
tcp6 0 0 [::]:ciphire-data [::]:* LISTEN 1876/sshd
tcp6 0 0 [::]:urd [::]:* LISTEN 2004/master
tcp6 0 0 [::]:smtp [::]:* LISTEN 2004/master
tcp6 0 0 [::]:imaps [::]:* LISTEN 1907/dovecot
I can however connect locally. This works, when run on the VPS:
$ curl http://myhost.com:3000
so that again points at the firewall. But disabling the firewall doesn't help:
# systemctl stop firewalld
so it could be a DNS problem: my browser and the VPS differ on what myhost.com resolves-to. Except that, as mentioned above, switching to port 80 solves the problem. So it's something to do with coming-in on port 3000, from outside. But not firewalld.
The question at Can't reach nodejs on port 3000 from external on CentOS 7 is close to mine, but isn't conclusively answered.
I feel pretty stupid. It was a firewall; not on the VPS, but on my local network. When I tried it on a machine that doesn't go through my local network, it worked. I hope my public confession helps someone else.

Unable to access apache page on Linux Azure VM

I've set up a linux VM in Azure. I've added incoming port access to the current listening port on Apache. I've also done a curl localhost on the VM and see the apache html text. I hit the public IP of the VM and get nothing. Any ideas?
According to your description, please check those settings:
1. Please check Azure VM's NSG settings, make sure we have added the port to inbound rules:
2. Vnet-->subnet's security group settings:
3. Check which port apache listening on:
netstat -ant
root@ubuntu:~# netstat -ant
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 10.1.0.4:55870 191.237.32.134:443 TIME_WAIT
tcp 0 0 10.1.0.4:55874 191.237.32.134:443 TIME_WAIT
tcp 0 0 10.1.0.4:55876 191.237.32.134:443 TIME_WAIT
tcp 0 0 10.1.0.4:55868 191.237.32.134:443 TIME_WAIT
tcp 0 0 10.1.0.4:57772 168.63.129.16:80 TIME_WAIT
tcp 0 0 10.1.0.4:57766 168.63.129.16:80 TIME_WAIT
tcp 0 36 10.1.0.4:22 167.220.255.8:53651 ESTABLISHED
tcp6 0 0 :::80 :::* LISTEN
tcp6 0 0 :::22 :::* LISTEN
By the way, for test please disable ufw with this command ufw disable, then try to access the public IP address.
Update:
I follow those steps to modify apache default port:
1.Modify ports.conf, change port 80 to 80:
root@ubuntu:/etc/apache2# vi ports.conf
Listen 90
<IfModule ssl_module>
Listen 443
2.Add ServerName localhost to /etc/apache2/apache2.conf
root@ubuntu:/etc/apache2# vi /etc/apache2/apache2.conf
# Global configuration
#
ServerName localhost
3.Modify default port in /etc/apache2/sites-enabled/000-default.conf
root@ubuntu:/etc/apache2# vi /etc/apache2/sites-enabled/000-default.conf
<VirtualHost *:90>
4.Add inbound rule to Network Security Group:
By the way, to troubleshoot this issue, we can follow those steps:
1.Login this VM and use curl to test apache2:
curl localhost:90
2.Use your PC to telnet this VM's public IP and port 90
telnet xx.xx.xx.xx 90
If you can't telnet this port, please check your NSG settings and subnet's security group settings.
Here is my result, it works for me:
root@ubuntu:/etc/apache2# netstat -ant | grep 90
tcp6 0 0 :::90 :::* LISTEN

TCP listening socket is not created

I'm developing a Qt application and experience rather weird network issue.
Let me show how it looks from end-user perspective.
First I start up my server and verify that it's listening on a target port:
[user@host server]$ sudo netstat -anp | grep 30004
tcp 0 0 0.0.0.0:30004 0.0.0.0:* LISTEN 11113/./server
Then I connect to the server with telnet:
[user@host server]$ telnet localhost 30004
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Connection closed by foreign host.
Netstat displays that connection is now established. Nothing fancy so far:
[user@host server]$ sudo netstat -anp | grep 30004
tcp 0 0 0.0.0.0:30004 0.0.0.0:* LISTEN 11113/./server
tcp 0 0 127.0.0.1:30004 127.0.0.1:34608 ESTABLISHED 11113/./server
tcp 0 0 127.0.0.1:34608 127.0.0.1:30004 ESTABLISHED 12657/telnet
Then the server drops the connection based on application-specific timeout. It is set to 10 seconds at the moment:
[user@host server]$ sudo netstat -anp | grep 30004
tcp 0 0 0.0.0.0:30004 0.0.0.0:* LISTEN 11113/./server
tcp 0 0 127.0.0.1:30004 127.0.0.1:34608 TIME_WAIT -
I then shut down the server and verify that the listening socket is destroyed:
[user@host server]$ sudo netstat -anp | grep 30004
tcp 0 0 127.0.0.1:30004 127.0.0.1:34608 TIME_WAIT -
Finally I start up the server again, but the listening port doesn't show up anymore:
[user@host server]$ sudo netstat -anp | grep 30004
tcp 0 0 127.0.0.1:30004 127.0.0.1:34608 TIME_WAIT -
As a result client cannot connect to the server:
[user@host server]$ telnet localhost 30004
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
What am I doing wrong here? I'm inclined to think that this is a configuration issue, not a bug in the application.
This scenario seems to work on my laptop's Ubuntu. The aforementioned output was produced on linux box as well.
UPDATE: One more thing that is different in these two environments is the qt version. On my notebook I have 4.8.6, on linux box it's 4.6.2. Not sure if it matters.
Apparently there was an issue with versions of qt libraries. We upgraded it to latest 4.x.x and now the problem seems to be resolved.

Glassfish install on CentOS not binding ipv4 port

After installing Glassfish on CentOS by only unzipping the zip archive, my server doesn't bind on ipv4.
With
netstat -tnlup
I've got the result :
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 5278/mysqld
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 4621/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 4825/master
tcp 0 0 :::8686 :::* LISTEN 14659/java
tcp 0 0 :::4848 :::* LISTEN 14659/java
tcp 0 0 :::8080 :::* LISTEN 14659/java
tcp 0 0 :::3700 :::* LISTEN 14659/java
tcp 0 0 :::8181 :::* LISTEN 14659/java
tcp 0 0 :::22 :::* LISTEN 4621/sshd
tcp 0 0 ::1:25 :::* LISTEN 4825/master
tcp 0 0 :::7676 :::* LISTEN 14659/java
udp 0 0 0.0.0.0:68 0.0.0.0:* 1168/dhclient
How can I force glassfish listen on ipv4 addresses too ?
You may find Glassfish is bound to IPv4 (and IPv6) but is being blocked by the iptables firewall settings:
As root:
/etc/init.d/iptables stop
Then try accessing Glassfish via IPv4. If that works then you can re-enable iptables and set the appropriate rules for your environment.
That CentOS isn't showing ports bound on IPv4 when they are also bound on IPv6 looks like a bug to me (2.6.32-358.23.2.el6.x86_64).
I just had this same problem. Not sure yet what triggered the issue, as I have two other servers with the same software that don't show this issue.
In my case, I was able to fix it by adding this environment variable:
export _JAVA_OPTIONS="-Djava.net.preferIPv4Stack=true"
Once I restarted Java with this variable, it bound to IPv4, but not v6. I'm curious as to why it's not binding to both.
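
On Linux a socket bound to the IPv6 wildcard (shown as :::port) also accepts IPv4 connections unless IPV6_V6ONLY is set on it, so a single :::8080 line does not by itself show that IPv4 is unserved. The script below is an added example, not code from the posts above: it classifies each LISTEN line by bind scope and lists the ports that have only an IPv6-wildcard listener, using the TCP lines from the question's netstat output as sample input. The function names are hypothetical.

```shell
#!/bin/sh
# Added example: classify every TCP LISTEN line of `netstat -tnl` style output
# by bind scope, then list ports that have only an IPv6-wildcard listener.

# Prints "<port> <scope>" per listening socket (numeric ports expected).
listen_scope() {
    awk '
    $1 ~ /^tcp/ && $6 == "LISTEN" {
        port = $4; sub(/.*:/, "", port)            # text after the last colon
        addr = substr($4, 1, length($4) - length(port) - 1)
        gsub(/\[/, "", addr); gsub(/\]/, "", addr) # newer netstat prints [::]:port
        if (addr ~ /^127\./ || addr == "::1") scope = "loopback"
        else if (addr == "0.0.0.0")           scope = "any-ipv4"
        else if (addr == "::")                scope = "any-ipv6"
        else                                  scope = "addr=" addr
        print port, scope
    }'
}

# Ports with a "::" listener and no "0.0.0.0" listener: dual-stack candidates.
v6_wildcard_only() {
    listen_scope | awk '
    $2 == "any-ipv4" { v4[$1] = 1 }
    $2 == "any-ipv6" { v6[$1] = 1 }
    END { for (p in v6) if (!(p in v4)) print p }' | sort -n | paste -sd' ' -
}

# Sample input: the TCP lines from the netstat output in the question above.
sample() {
    cat <<'EOF'
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 5278/mysqld
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 4621/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 4825/master
tcp 0 0 :::8686 :::* LISTEN 14659/java
tcp 0 0 :::4848 :::* LISTEN 14659/java
tcp 0 0 :::8080 :::* LISTEN 14659/java
tcp 0 0 :::3700 :::* LISTEN 14659/java
tcp 0 0 :::8181 :::* LISTEN 14659/java
tcp 0 0 :::22 :::* LISTEN 4621/sshd
tcp 0 0 ::1:25 :::* LISTEN 4825/master
tcp 0 0 :::7676 :::* LISTEN 14659/java
EOF
}

sample | listen_scope
echo "IPv6-wildcard only: $(sample | v6_wildcard_only)"
```

Every port reported as any-ipv4 or any-ipv6 is reachable from other hosts unless a firewall filters it, which makes the same output a quick exposure inventory (here the admin port 4848 and MySQL on 3306 are both on wildcard addresses).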

Linux Centos 6 Some how filtered port 80 + broke Apache 2

I have magically been able to break port 80 / Apache server when following a guide to install PHPMyAdmin (http://www.krizna.com/centos/installing-apache2-mysql-server-php-centos-6-lamp/#apache)
Prior to me starting the guide, Apache 2 was working for me (was able to view pages and see the default blue one)
I followed the guide down to Step 4 under "PHP installation" and went to check the page and I was getting the following error (note: I skipped Mysql installation since I have it already installed and "Testing your page" in the Apache section since I had it working prior).
ERROR
The requested URL could not be retrieved
The following error was encountered while trying to retrieve the URL: http://192.168.141.22/
Read Error
The system returned: (104) Connection reset by peer
An error condition occurred while reading data from the network. Please retry your request.
Your cache administrator is webmaster.
Generated Wed, 03 Jul 2013 19:04:56 GMT by tx22rrpep4da (hpm/3.0.55)
I tried to uninstall (yum erase) httpd and php and re-install and no success.
I did an nmap and it shows 80/tcp filtered http.
I even disabled/stopped IP tables in case that was the issue, no luck. I have other things like TS3 running on other ports fine.
Restarted the dedicated server.
netstat -tulpn
te PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 25896/httpd
tcp 0 0 0.0.0.0:30033 0.0.0.0:* LISTEN 2967/./ts3server_li
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 2736/named
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 2798/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2873/master
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 2736/named
tcp 0 0 0.0.0.0:10011 0.0.0.0:* LISTEN 2967/./ts3server_li
tcp 0 0 ::1:53 :::* LISTEN 2736/named
tcp 0 0 :::22 :::* LISTEN 2798/sshd
tcp 0 0 ::1:953 :::* LISTEN 2736/named
udp 0 0 0.0.0.0:9987 0.0.0.0:* 2967/./ts3server_li
udp 0 0 127.0.0.1:53 0.0.0.0:* 2736/named
udp 0 0 ::1:53 :::* 2736/named
I had a few other people test the IP in case it was just my connection but they all got the same as well (IP: 192.168.141.22 )
Really hoping I can get this fixed without doing something over the top like wiping and re-installing centos 6.
The netstat command is showing that Apache is indeed listening on the following IP & port:
0 0.0.0.0:80
If you want to reach Apache in 192... ip, then you need to edit one of the .conf files that has the "Listen" directive (normally in /etc/httpd/conf.d/ports.conf or the main .conf file) and either put in the ip or remove all ips so Apache can listen on all interfaces available in the machine.
