Proto Recv-Q Send-Q Local Address Foreign Address State PID
tcp 0 0 ip:11080 0.0:* LISTEN -
tcp 0 0 ip:5070 0.0:* LISTEN -
tcp 0 0 ip:5071 0.0:* LISTEN -
tcp 0 0 **127.0.0.1:5072** 0.0:* LISTEN -
tcp 0 0 ip:11443 0.0:* LISTEN -
tcp 0 0 **127.0.0.1:11444** 0.0:* LISTEN -
Not able to access port (11444 & 5072) externally.
Only working on Local Host not remotely.
We are using Ubuntu on Google Compute Engine.
Firewall rules Added
Just checking - have you also configured the firewall? By default, the ports may be blocked by the firewall. You can configure it to enable ports via either the Developer Console, or with the gcloud command line tool.
Some extra information about firewall's on Google Compute Engine can be found at:
https://cloud.google.com/compute/docs/networking?hl=en#firewalls
As the netstat output shows, your services listening on port 11444 and 5072 are bound to localhost (127.0.0.1) which means they only accept connections on the local loop interface. Change the binding IP address on your service configuration to 0.0.0.0.
Related
I have my Windows server 2012 which is active on production and running 2 websites of .NET. Now I want to run my wordpress site I had configured everything and my wordpress site was working fine before but all of sudden now am unable to connect to local host and even wp admin dashboard is not appearing so I deleted all that stuff uninstalled MYSQL connector MYSQL and web platform installer too. Even now I'm facing the same problem.
Whenever I try to connect 127.0.0.1 /Localhost I get the same message for both "This site can't be
reached" and if I try to connect with my public ip it says "HTTP Error 404. The requested resource is not found."
My netstat results are mentioned below:
C:\Users\Administrator>netsh http show iplisten
IP addresses present in the IP listen list:
173.208.205.34
173.208.205.35
173.208.205.36
C:\Users\Administrator>netstat -ano
Active Connections
1. Proto Local Address Foreign Address State
PID TCP 0.0.0.0:135 0.0.0.0:0
LISTENING
1192 TCP 0.0.0.0:180 0.0.0.0:0
LISTENING 1388 TCP 0.0.0.0:445 0.0.0.0:0
LISTENING 4 TCP 0.0.0.0:1433 0.0.0.0:0
LISTENING 2812 TCP 0.0.0.0:1443 0.0.0.0:0
LISTENING 1388 TCP 173.208.205.34:80 0.0.0.0:0
LISTENING 4 TCP 173.208.205.34:139 0.0.0.0:0
LISTENING 4 TCP 173.208.205.34:443 0.0.0.0:0
LISTENING 4 TCP 173.208.205.34:443
160.153.147.141:35160 TIME_WAIT 0
TCP 173.208.205.34:1433 122.176.28.110:2048 ESTABLISHED 28
Additionally, I have checked the etc/hosts file it have 127.0.0.1 localhost uncommented there.
I have also disabled the firewall that make no change.
Can anyone tell what is wrong with this ?
I notice that there is no 0.0.0.0:80 in the IP listen list. Does your site bind to localhost:80?
The correct IP address in list should include
0.0.0.0:80 (ipv4) and [::]:80 (ipv6)
I think you can add 127.0.0.1 to IP listen list.
netsh http add iplisten ipaddress=127.0.0.1
Then check whether it is in list.
I am setting up a Nexus OSS on an Azure VM.
I have set it up on a Ubuntu 16.04 LTS.
When I connect to the webapp via an SSH tunnel, I can access the Nexus repository manager. When I try to open it directly, I cannot get it to work.
As per the Azure docs and several Stackoverflow responses, I have updated the NSG and added port 8081 to be allowed but with no success. I also check the UFW (Ubuntu Firewall) and it is not even activated.
EDIT :
netstat -plant | grep 8081
tcp 0 0 127.0.0.1:33519 0.0.0.0:* LISTEN 18081/java
tcp 0 0 0.0.0.0:8081 0.0.0.0:* LISTEN 18081/java
tcp 0 0 127.0.0.1:8081 127.0.0.1:60242 TIME_WAIT -
tcp 0 0 127.0.0.1:8081 127.0.0.1:60366 TIME_WAIT -
tcp 0 0 127.0.0.1:8081 127.0.0.1:60244 TIME_WAIT -
EDIT2 :
admin#nexus-vm:~$ sudo iptables -nL INPUT
Chain INPUT (policy ACCEPT)
target prot opt source destination
Does anyone have any idea what could be wrong?
Thanks in advance!
Regards
The problem was the firewall of my company. Tested it over 4G and it works.
I've setup a linux VM in Azure. I've added incoming port access to the current listening port on Apache. I've also done a curl localhost on the VM and see the apache html text. I hit the public IP of the VM and get nothing. Any ideas?
According to your description, please check those settings:
1. Please check Azure VM's NSG settings, make sure we have add port to inbound rules:
2. Vnet-->subnet's security group settings:
3. Check which port apache listening on:
netstat -ant
root#ubuntu:~# netstat -ant
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 10.1.0.4:55870 191.237.32.134:443 TIME_WAIT
tcp 0 0 10.1.0.4:55874 191.237.32.134:443 TIME_WAIT
tcp 0 0 10.1.0.4:55876 191.237.32.134:443 TIME_WAIT
tcp 0 0 10.1.0.4:55868 191.237.32.134:443 TIME_WAIT
tcp 0 0 10.1.0.4:57772 168.63.129.16:80 TIME_WAIT
tcp 0 0 10.1.0.4:57766 168.63.129.16:80 TIME_WAIT
tcp 0 36 10.1.0.4:22 167.220.255.8:53651 ESTABLISHED
tcp6 0 0 :::80 :::* LISTEN
tcp6 0 0 :::22 :::* LISTEN
By the way, for test please disable ufw with this command ufw disable, then try to access the public IP address.
Update:
I follow those steps to modify apache default port:
1.Modify ports.conf, change port 80 to 80:
root#ubuntu:/etc/apache2# vi ports.conf
Listen 90
<IfModule ssl_module>
Listen 443
2.Add ServerName localhost to /etc/apache2/apache2.conf
root#ubuntu:/etc/apache2# vi /etc/apache2/apache2.conf
# Global configuration
#
ServerName localhost
3.Modify default port in /etc/apache2/sites-enabled/000-default.conf
root#ubuntu:/etc/apache2# vi /etc/apache2/sites-enabled/000-default.conf
<VirtualHost *:90>
4.Add inbound rule to Network Security Group:
By the way, to troubleshoot this issue, we can follow those steps:
1.Login this VM and use curl to test apache2:
curl localhost:90
2.Use your PC to telnet this VM's public IP and port 90
telnet xx.xx.xx.xx 90
If you can't telnet this port, please check your NSG settings and subnet's security group settings.
Here is my result, it works for me:
root#ubuntu:/etc/apache2# netstat -ant | grep 90
tcp6 0 0 :::90 :::* LISTEN
I have a:
Rasberry Pi 2
running
Raspbian Jessie Version:November 2015
I am using Undertow (a Java http server) to serve a website. This is the code that I use to build the server.
Undertow server = Undertow.builder()
.addHttpListener(8890, "localhost")
.setHandler(Handlers.pathTemplate()
.add("/", resource(new PathResourceManager(staticFilePath, 100))
.setDirectoryListingEnabled(false))
.build();
Problem: I am unable to see the webserver from another machine on the local network despite being able to ping and SSH into the PI.
What I have done (on the Pi2):
wget localhost:8890
returns the index.html correctly
netstat -lptn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp6 0 0 :::22 :::* LISTEN -
tcp6 0 0 127.0.0.1:8890 :::* LISTEN 1743/java
Chrome on my development machine 192.168.1.8:8890 gives
ERR_CONNECTION_REFUSED
wget 192.168.1.8:8890
Connecting to 192.168.1.8:8890... failed: Connection refused.
nmap 192.168.1.8
Starting Nmap 6.40 ( http://nmap.org ) at 2015-12-05 14:05 CST
Nmap scan report for 192.168.1.8
Host is up (0.039s latency).
Not shown: 999 closed ports
PORT STATE SERVICE
22/tcp open ssh
Nmap done: 1 IP address (1 host up) scanned in 1.83 seconds
It is my understanding that there is no firewall so I am baffled as to why I can't see the server from my development machine.
See:
tcp6 0 0 127.0.0.1:8890 :::* LISTEN 1743/java
Your web server listens only on localhost address (127.0.0.1). This way it couldn't be accessed from anywhere but localhost.
And your nmap scan shows the same: the only remotely accessible port is 22.
To access this service remotely you have to bind web server to any non-local address belonging to this raspberry pi (192.168.1.8) or to "any address" 0.0.0.0, as SSH service is bound.
How to do this is written in the manual of your web server. Probably, you have to start is with a "-d" param, i.e.
standalone.sh -b=0.0.0.0
standalone.sh -Djboss.bind.address=0.0.0.0
or something like this.
In listener setup code this looks like
"localhost" have to be replaced with some public name. This could be "0.0.0.0" or "192.168.1.8". We also can
cat "192.168.1.8 somename" >> /etc/hosts
and then use somename:
Undertow server = Undertow.builder() .addHttpListener(8890, "somename")
I have an application running on Windows machine. the application related alerts are to be e-mailed to administrator,for which an e-mail needs to be sent by Java program. The SMTP server is configured on a remote Linux machine in network.
The Java Mail program works fine and sends out an email, when run on the Linux machine. However if the same program is run on Windows it fails to connect to the SMTP server.
Note:
Ping to the Linux Machine (having SMTP server) is successful from Remote windows server.
Telnet < SMTP server hostname > 25 fails from remote machine as well from the machine where SMTP is running
Telnet localhost 25 is sucessful from SMTP server (Linux server).
The email by Java program is sucessfull, if run on SMTP server when hostname is specified as localhost.It fails if you give actual hostname.
/etc/hosts file on SMTP server lists 127.0.0.1 localhost.
How can i use the SMTP server to send an email from remote Windows machine?
I can paste the errors coming up on windows machine but the problem is not with the program; its the way the SMTP server is configured. I am new to SMTP so feel free to correct me if i am wrong.
The objective is to send a java e-mail from remote windows machine using the SMTP server on the Linux machine.
Adding the Output of netstat -ant|grep :25 as requested in the comment below:
[root#XXXXXXXXXXX]# netstat -ant | grep :25
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 ::1:25 :::* LISTEN
tcp 0 0 ::ffff:10.207.70.71:1521 ::ffff:10.207.70.71:25481 ESTABLISHED
tcp 0 0 ::ffff:10.207.70.71:25481 ::ffff:10.207.70.71:1521 ESTABLISHED
tcp 0 0 ::ffff:10.207.70.71:25202 ::ffff:10.207.70.71:3001 TIME_WAIT
tcp 0 0 ::ffff:10.207.70.71:25127 ::ffff:10.207.70.71:3001 TIME_WAIT
tcp 0 0 ::ffff:10.207.70.71:25289 ::ffff:10.207.70.71:3001 ESTABLISHED
tcp 0 0 ::1:51432 ::1:25580 ESTABLISHED
tcp 0 0 ::1:25580 ::1:51432 ESTABLISHED
tcp 0 0 ::ffff:10.207.70.71:25233 ::ffff:10.207.70.71:3001 TIME_WAIT
tcp 0 0 ::ffff:10.207.70.71:3001 ::ffff:10.207.70.71:25289 ESTABLISHED
[root#XXXXXXXXXXX]#
Postfix: Accepting SMTP connections on ALL IP interrfaces
Your SMTP server (postfix) accepts incoming SMTP connection only on loopback interface(s)
[IPv4=127.0.0.1 and IPv6=::1].
Make your postfix listen on all available IP interfaces -> in main.cf configuration file restore default setting inet_interfaces = all
http://www.postfix.org/postconf.5.html#inet_interfaces
Why "loopback only" configuration is used?
Limiting SMTP server to accept only local SMTP connections is pretty common default configuration on "workstations". It allows sending emails (e.g. system warnings/notifications) without accepting any incoming spam.