I created a virtual machine CentOS.
Created end-point in the control panel on port 80 and 443. In CentOS added rules to iptables:
# Generated by iptables-save v1.4.7 on Thu Aug 9 18:07:49 2012
*filter
:INPUT ACCEPT [142:12032]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [146:18544]
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
COMMIT
# Completed on Thu Aug 9 18:07:49 2012
Run the application:
CompilerOracle: exclude jregex/Pretokenizer.next
Listening for transport dt_socket at address: 8000
18:07:05,799 INFO ~ Starting /srv/play-1.2.5/localevent
18:07:05,808 INFO ~ Module .svn is ignored, name starts with a dot
18:07:06,820 WARN ~ You're running Play! in DEV mode
18:07:06,975 INFO ~ Listening for HTTP at /127.0.0.1:80 (Waiting a first request to start) ...
I went to the address: *.сloudapp.net
But the application does not start. In what may be the reason?
#update1
SELinux is disabled. Version of CentOS - 6.2
#update2
For the test was installed Apache. Home Apache displayed.
Added proxy from 80 to 9000 port in httpd.conf. Play was launched at the 9000 port.
Apache returns a 503 error. Wget 127.0.0.1:9000 gets everything right.
AFAIK, you have to add an endpoint to your Azure virtual machine in order to allow to connect to the 80 TCP port.
For instance, see this doc, under the "Expose Redis to the outside" section, by setting your private and public ports to 80.
Looked logs Apache:
[error] (13) Permission denied: proxy: HTTP: attempt to connect to 127.0.0.1:9000 (127.0.0.1) failed
[error] ap_proxy_connect_backend disabling worker for (127.0.0.1)
Solution:
setsebool httpd_can_network_connect 1
Related
my version of apache
Server version: Apache/2.4.6 (CentOS)
Server built: Apr 20 2018 18:10:38
when I run the command lsof -i :443 it returns nothing
but if I try to run apache (directly by running httpd I got the error, I verified with ps aux that there was no previous httpd/apache process already running)
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:443
However if i try to run a netcat process on 443 nc 0.0.0.0 -l 443 , it does open and I can send data
I'm a bit lost on what could be the problem ?
Found it
Listen 443 was present two times among the different configuration files of apache
it's a pity apache does not have a more explicit error/warning message (i.e "option defined two times" etc.)
It seems another process is using port 443 on your server.
netstat -anp | grep 443
output will be
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN
disable port 443 and start
systemctl start httpd.service
mongodb service cannot start with systemctl start mongodb.service, it would ask for a password. After then when I try mongo command, it throws :
MongoDB shell version v3.6.2
connecting to: mongodb://127.0.0.1:27017
2018-03-18T16:05:39.307+0700 W NETWORK [thread1] Failed to connect to 127.0.0.1:27017, in(checking socket for error after poll), reason: Connection refused
2018-03-18T16:05:39.307+0700 E QUERY [thread1] Error: couldn't connect to server 127.0.0.1:27017, connection attempt failed :
connect#src/mongo/shell/mongo.js:251:13
#(connect):1:6
exception: connect failed
I've been through all google page 1 solution but did nothing, also I try another query, but still again dont work for me, uninstall & install again also didnt work. My current OS distribution is Linux Manjaro.
Any help is appreciated.
Try this:
Type "Mongod" in the terminal to start MongoDB
and then open another terminal and type mongo to start the shell.
This works fine for me.
The connection refused error sounds like a firewall issue.
I would check the appropriate logs for the real reason. In Linux check /var/log/system or /bar/log/messages or other files in that location.
If it turns out firewall issue or /etc/hosts blocking, the allow/open the appropriate port in.
Update:
Opening firewall (iptables for MongoDB port). Type sudo before the following commands and put of where the request is coming from.
iptables -A INPUT -s <ip-address> -p tcp --destination-port 27017 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -d <ip-address> -p tcp --source-port 27017 -m state --state ESTABLISHED -j ACCEPT
**Background **
https://docs.mongodb.com/manual/tutorial/configure-linux-iptables-firewall/
Update 2: Add this additional rule to your firewall and type "sudo" in front of it : Outbound traffic must be accepted for the loopback (127.0.0.1) as well. credits go to: iptables blocking local connection to mongodb
iptables -A OUTPUT -o lo -j ACCEPT
I've installed MongoDB 3.6 on CentOS 7 and am able to connect to it locally:
# cat /etc/centos-release
CentOS Linux release 7.4.1708 (Core)
# mongo
MongoDB shell version v3.6.2
connecting to: mongodb://127.0.0.1:27017
MongoDB server version: 3.6.2
Welcome to the MongoDB shell.
...
>
My server IP address is 192.168.83.45, but I can't login to the MongoDB from the same server via the IP address instead of 127.0.0.1:
# ip addr | grep 'inet '
inet 127.0.0.1/8 scope host lo
inet 192.168.83.45/24 brd 192.168.83.255 scope global enp0s3
inet 10.0.3.15/24 brd 10.0.3.255 scope global dynamic enp0s8
# mongo --host 192.168.83.45
MongoDB shell version v3.6.2
connecting to: mongodb://192.168.83.45:27017/
2018-01-31T23:29:35.817-0500 W NETWORK [thread1] Failed to connect to 192.168.83.45:27017, in(checking socket for error after poll), reason: Connection refused
2018-01-31T23:29:35.818-0500 E QUERY [thread1] Error: couldn't connect to server 192.168.83.45:27017, connection attempt failed :
connect#src/mongo/shell/mongo.js:251:13
#(connect):1:6
exception: connect failed
I have checked the following:
iptables rules: appended (meanwhile my Apache HTTP server is not
blocked)
SELinux status: disabled
MongoDB IP bind: commented out
The check is shown below:
iptables (rule added):
# iptables -nL
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:21
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:3000
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:27017
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
My Apache HTTP server works well on port 80 and is not blocked:
# curl http://192.168.83.45
<html>
<head>
<title>Hello World!</title>
</head>
<body>
Hello World!
</body>
</html>
SELinux (disabled):
# sestatus
SELinux status: disabled
mongod.conf (IPbind was commented out, and I clearly understand the risk of simply commenting out this line but this is a virtual machine and is under host only network so it's fine):
# cat /etc/mongod.conf
# mongod.conf
# for documentation of all options, see:
# http://docs.mongodb.org/manual/reference/configuration-options/
# where to write logging data.
systemLog:
destination: file
logAppend: true
path: /var/log/mongodb/mongod.log
# Where and how to store data.
storage:
dbPath: /var/lib/mongo
journal:
enabled: true
# engine:
# mmapv1:
# wiredTiger:
# how the process runs
processManagement:
fork: true # fork and run in background
pidFilePath: /var/run/mongodb/mongod.pid # location of pidfile
timeZoneInfo: /usr/share/zoneinfo
# network interfaces
net:
port: 27017
# bindIp: 127.0.0.1 # Listen to local interface only, comment to listen on all interfaces.
#security:
#operationProfiling:
#replication:
#sharding:
## Enterprise-Only Options
#auditLog:
#snmp:
I've not only restarted the services, but also restarted the whole computer, but it still doesn't work. I can neither access my MongoDB from the same computer but via the IP address, nor from a remote computer.
I tested one more thing and now I'm sure it has nothing to do with my firewall. I stopped the MongoDB, changed the default listening port of Apache HTTP server from 80 to 27017 and restarted. Now I can get the HTML document via 27017 port with IP address 192.168.83.45. So I think my firewall rule is OK. There must be something wrong with the MongoDB:
# curl 'http://192.168.83.45:27017'
<html>
<head>
<title>Hello World!</title>
</head>
<body>
Hello World!
</body>
</html>
Despite #Sridharan r.g's solution doesn't work, my resolution was inspired by his answer.
I was so close to the solution:
Change the "bindIp" value from "127.0.0.1" in /etc/mongod.conf AND KEEP TWO SPACES BEFORE THE "bindIp", like this:
...
# network interfaces
net:
port: 27017
bindIp: 0.0.0.0
...
Please note:
There must be exactly two spaces before "bindIp": neither too many
nor too few.
In the default file format of MongoDB 3.6, it doesn't use
"bind_ip = " but rather "bindIp:"
There MUST BE AT LEAST ONE SPACE between the colon after "bindIp"
and the IP address (here it is 0.0.0.0)
If you want to add more than one IP addresses, use comma to separate
each values, and KEEP AT LEAST ONE SPACE between the comma and the
next IP address.
The file format is a little bit tricky, check here the file format specification.
make sure that mongodb daemon is running, and listening on 0.0.0.0, but not 127.0.0.1 port
check the specify mongodb port is listing are not with help of netstat command
still you facing the problem change the
$ vim /etc/mongod.conf
/etc/mongod.conf
Listen to local, LAN and Public interfaces.
bind_ip = 127.0.0.1,192.168.161.100,45.56.65.100
When i start apche server i am getting error like
[root#ram conf]# service httpd start
Starting httpd: httpd: apr_sockaddr_info_get() failed for ram
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
(13)Permission denied: make_sock: could not bind to address [::]:2244
(13)Permission denied: make_sock: could not bind to address 0.0.0.0:2244
no listening sockets available, shutting down
Unable to open logs
I am running it as root user .
How can i fix this ?
When /etc/httpd/conf/httpd.conf is configured so httpd listens on a port other than TCP ports 80, 443, 488, 8008, 8009, or 8443, the semanage port command must be used to add the new port number to SELinux policy configuration.
semanage port -a -t http_port_t -p tcp 12345
Run service httpd start again to start httpd and have it listen on the new port.
From The Apache HTTP Server and SELinux
I have 4 fresh Ubuntu 12.04 instances that I am trying to install Cassandra (DataStax Enterprise) on. I have installed and configured everything (from a known good installation procedure) and I am at the point of connecting to OpsCenter and creating a cluster. The OpsCenter agent seems to install fine on 3 out of the 4 nodes, but the one that is actually running OpsCenter (dual-purposed as an OpsCenter and Cassandra node) fails with:
Install Errored: The installed agent doesn't seem to be responding
In the /var/log/opscenter/opscenterd.log I see this:
WARN: HTTP request http://10.1.1.26:61621/alive? failed: 503 Service Unavailable
This is the node with OpsCenter on it. The opscenterd service is running, 61621 is listening and accessible from other nodes and from itself, I tested wget to that URL and it indeed throws a 503. All other nodes respond with a 200. Not sure what to look for... Any suggestions? Let me know if you need more details - I didn't want to clutter the post with too much useless/irrelevant details...
i found same error like you.
I did change rules Iptables , and the issue resolve.
[root#ip-172-xxxxx ~]# iptables -I INPUT -p tcp --dport 61620 -j ACCEPT
[root#ip-172-xxxxx ~]# iptables -I INPUT -p tcp --dport 50031 -j ACCEPT
[root#ip-172-xxxxx ~]# iptables -I OUTPUT -p tcp --dport 50031 -j ACCEPT
[root#ip-172-xxxxx ~]# iptables -I OUTPUT -p tcp --dport 61620 -j ACCEPT
iptables -L
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:61620
ACCEPT tcp -- anywhere anywhere tcp dpt:50031
ACCEPT tcp -- anywhere anywhere tcp dpt:ddi-tcp-1
Lucky!