Can't access RabbitMQ web management interface from external ips - rabbitmq

After a fresh install of RabbitMQ server on CentOs 7.7
I can reach the :15672 port from localhost
curl -i http://localhost:15672
HTTP/1.1 200 OK
But i cant reach the web interface from external ips
curl -i http://serverRemoteIp:15672
curl: (7) Failed connect to serverRemoteIp:15672; Connection timed out
the server is remote, so i need access from remote ips
any idea?

First, yesterday I exec this on my server
sudo iptables -A INPUT -p tcp -m tcp --dport 15672 -j ACCEPT
and the problem continue. Yoday I run:
iptables -I INPUT 1 -p tcp --dport 15672 -j ACCEPT
service iptables save
service iptables restart
and works!!

Related

How to i fix timeout problem when i deploy website Apache server

i deploy website on Apache server and curl IP address to give 200 status.
**But ** i try to open website in browser, the website took too long respond
My Setting:
Server : Centos 7
already run command
sudo iptables -I INPUT -p tcp -m tcp --dport 80 -j ACCEPT&
&
sudo iptables -I INPUT -p tcp -m tcp --dport 443 -j ACCEPT
network:
Proto localaddress State Program name
tcp 0.0.0.0:80 LISTEN httpd
tcp 0.0.0.0:443 LISTEN httpd
how do i troubleshoot where is wrong & fix the problem?

Boot from NFS server with UBoot

I have a problem with an NFS server. I basically have to boot an embedded processor from NFS.
On an ubuntu machine I simply put the filesystem in /tftpboot,
added in /etc/exports this line:
/tftpboot *(rw,no_root_squash,no_all_squash,sync)
then I executed the commands:
sudo /usr/sbin/exportfs -av
sudo /etc/init.d/nfs-server restart
but on the embedded processor I get this error:
Looking up port of RPC 100003/2 on 192.168.2.11
Looking up port of RPC 100005/1 on 192.168.2.11
VFS: Unable to mount root fs via NFS, trying floppy.
VFS: Cannot open root device "nfs" or unknown-block(2,0)
Please append a correct "root=" boot option
Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(2,0)
in particular the lines
Looking up port of RPC 100003/2 on 192.168.2.11
Looking up port of RPC 100005/1 on 192.168.2.11
make me think that the problem is in the configuration of the NFS server, anybody can help me?
I had today exactly the same problem with an old embedded device and an NFS Server installed on SUSE Leap.
I sniffed the communication with Wireshark and it gave me an idea of what went wrong.
In my case the problem had to do with "iptable filter" and "NFS server version":
Configure iptables to open the NFS related ports at the NFS server side
My device only supported version 2 of NFS, and SUSE NFS server was configured by default to support v3 and v4.
To solve 1:
You can check post
Iptables Rules for NFS Server and NFS Client
sudo iptables -A INPUT -s 172.17.200.26/16 -d 172.17.200.26/16 -p udp -m multiport --dports 10053,111,2049,32769,875,892,20048,950 -m state --state NEW,ESTABLISHED -j ACCEPT
sudo iptables -A INPUT -s 172.17.200.26/16 -d 172.17.200.26/16 -p tcp -m multiport --dports 10053,111,2049,32803,875,892,20048,950 -m state --state NEW,ESTABLISHED -j ACCEPT
sudo iptables -A OUTPUT -s 172.17.200.26/16 -d 172.17.200.26/16 -p udp -m multiport --sports 10053,111,2049,32769,875,892,20048,950 -m state --state ESTABLISHED -j ACCEPT
sudo iptables -A OUTPUT -s 172.17.200.26/16 -d 172.17.200.26/16 -p tcp -m multiport --sports 10053,111,2049,32803,875,892,20048,950 -m state --state ESTABLISHED -j ACCEPT
To solve 2 You can check:
https://documentation.suse.com/sles/15-SP1/html/SLES-all/cha-nfs.html#sec-nfs-configuring-nfs-server
Enable NFS version 2 on the server by modifying /etc/sysconfig/nfs by setting:
NFSD_OPTIONS="-V2"
MOUNTD_OPTIONS="-V2
I hope it helps someone, i lost some hours with this issue
I add a screenshot of problem 2 which was found because of wireshark capture:

Remote access to Huawei E3372 WebInterface on headless RaspberryPi

I'm trying to (remotely) connect to the E3372's (Huawei LTE stick) WebInterface...
The E3372 is recognised by my RaspberryPi as "12d1:14dc Huawei Technologies Co., Ltd." - so it seems to be in HiLink-mode. Good.
using
> ifconfig
I see that the stick uses eth1 / 192.126.8.100
and the WebInterface's web-server is supposed to run on 192.168.8.1...
To verify this, on the Pi (from PC using ssh to eth0 with a DHCP-assigned IP-address of 192.168.10.123) I can e.g. query (read) the starting-page of the E3372's WebInterface using:
> curl 192.168.8.1/html/home.html
...so obviously the web-server is up-and-running!
Now I try to forward connections on eth0's port=80 (192.168.10.123:80) to 192.168.8.1:80, so I can then access the WebInterface from an external PC connected to the Pi's eth0; so I:
1) enable ip4-port-forwarding:
> sudo nano /proc/sys/net/ipv4/ip_forward
--> and change the '0' to '1'
2) use iptables to set the appropriate forwarding:
> sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -i eth0 -j DNAT --to 192.168.8.1:80
> sudo iptables -A FORWARD -p tcp -d 192.168.8.1 --dport 80 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
Now using a browser on the PC with the URL "http://192.168.10.123" yields (after some seconds): "This site can’t be reached"...
please help! what's wrong here???
Thanks for helping!

Using iptables to map privilaged to non-privilaged port

I have an apache webservice running on port 8080 but would like to be able to connect on port 80. However, my unix sysadmin does not allow apache to be started as root nor does she provide access to sudo.
However, she will execute commands on request.
I believe this can be achieved with iptables. Is there a way to map port 80 to 8080 and 443 to 8083 without this sysadmin having to edit any files.
i.e. just using echo with appender >>.
She can do this by running :
iptables -t nat -I PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
iptables -t nat -I PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8083
This will make redirection active immediately, but doesn't save it and thus it will not work anymore after a reboot.
It is possible to do this without editing any file at all by using iptables-save. But it depends which linux flavor you're running, and if you use ferm, ufw, or some other firewall management tools.
On RedHat/CentOS, she could just do :
iptables -t nat -I PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
iptables -t nat -I PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8083
iptables-save > /etc/sysconfig/iptables
On other OSes variants, YMMV !

How to configure JMeter for SSH tunneling over a different host

i have trouble setting up a JMeter client to connect to a remote JMeter server over an intermediate jumphost.
Especially which ports need to be open and forwarded to which host and how to configure JMeter for that. Apparently there are some blog posts about similar setups but neither describes the ports in detail nor do the connect over an external host (all use localhost?).
The setups is:
JMeter GUI(client) <-> Jumphost <-> JMeter Server
I need to setup one or more SSH Tunnels on the Jumphost and tell the Client and server to connect to this host.
Help will be much appreciated!
http://rolfje.wordpress.com/2012/02/16/distributed-jmeter-through-vpn-and-ssl/
Here I see ports in the article:
-A RH-Firewall-1-INPUT -p udp -m udp --dport 1099 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 1099 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 50000 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 50000 -j ACCEPT
Tried with Java 8
1. Client - modify jmeter.properties file adding:
remote_hosts=127.0.0.1:55511
client.rmi.localport=55512
2. Server - modify jmeter.properties file adding:
server_port=55511
server.rmi.localhostname=127.0.0.1
server.rmi.localport=55511
3. Connect to the server using:
Linux and Mac users
ssh solr#server -L 55511:127.0.0.1:55511 -R 55512:127.0.0.1:55512
Windows users
putty.exe -ssh user#server -L 55511:127.0.0.1:55511 -R 55512:127.0.0.1:55512
4. Server - start jmeter
cd apache-jmeter-2.13/bin/
./jmeter-server -Djava.rmi.server.hostname=127.0.0.1
5. Client - start jmeter
cd apache-jmeter-2.13/bin/
./jmeter.sh -Djava.rmi.server.hostname=127.0.0.1 -t test.jmx