Open port 5900 via the command line? - iptables

I am running Fedora 18 with KDE. I opened port 5900 via the GUI yesterday and was using VNC just fine, but then tried to open the port for SMTP via a couple of different methods and now the VNC connection is "closing unexpectedly."
That's a vague error but I'm thinking it is a firewall issue. The problem is that I don't have any graphical way to access the firewall now, just via ssh. I tried adding an IPTABLES line, iptables -A INPUT -p tcp --dport 5900 -j ACCEPT, but that didn't seem to make a difference and when I tried iptables --List there was nothing that appeared to be about port 5900. Did I do the iptables line wrong? Should it be OUTPUT instead of INPUT? -I instead of -A? udp instead of tcp?
I would also like to know why "iptables --List" did not seem to have anything about port 5900 in it. Is it possible that Fedora 18 no longer uses iptables?
Anyone have suggestions? It's been hours since I've had no GUI access and I'm getting desperate... :-)

/sbin/service iptables restart
was the missing ingredient to this puzzle. For some reason /sbin/service firewall restart did not work...

Did you save the iptables before you restarted it with
/sbin/service iptables save

Related

Iptables on centos 7 rejects SSH and WHM connection

I installed CentOS 7 and cPanel; disabled/masked firewalld and installed and enabled iptables. As soon as I enabled iptables, I was disconnected from WHM and SSH. When I disable iptables in rescue mode, I can connect to the server via SSH and WHM.
I checked the rules in /etc/sysconfig/iptables, but there isn't any rule that rejects access to the SSH or WHM ports.
My next step was to install CSF.
Any idea how to fix it?

The quick solution to get rid of the issue is flushing all the iptables rules with the command
iptables -F
However, since you want to keep iptables running, you will have to configure it to open the required ports with the command
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
22 is for SSH; in the same way you will have to open other ports.

Can't Access Webmin on GCE Instance on port 10000

I have a GCE instance, a Debian 1 vCPU & 1.7GB. Then I followed the tutorial below and installed Webmin on it.
https://www.howtoforge.com/tutorial/how-to-install-webmin-on-ubuntu-15-04/
The installation went successfully. Then I created a firewall exception using UFW and allowed port 10000.
sudo ufw allow 10000/tcp
But I was not able to access Webmin through the browser.
https://my-gce-instance-ip-address:10000
Then I created a firewall exception using the Google Cloud Console. I tried the URL again; it didn't work.
Then I thought this might be because Webmin is in HTTPS mode, so I opened /etc/webmin/miniserv.conf and changed ssl=0. After that I restarted Webmin.
/etc/init.d/webmin restart
Then I tried the URL with HTTP; I still can't access it.
I tried the command below and checked the output. According to it, Webmin is correctly running and listening on port 10000.
netstat -tulpn | grep :10000
I can't seem to think what I am doing wrong. I have now spent several days on this without any solution in sight. Hope someone can kindly help me?

Try this ... it's working for me:
iptables -I INPUT 1 -p tcp --dport 10000 -j ACCEPT
service iptables save
/etc/init.d/iptables restart
Open both links in the browser:
https://your-IP:10000
and
http://your-IP:10000

You need to allow port 10000 in iptables:
sudo iptables -A INPUT -p tcp -m tcp --dport 10000 -j ACCEPT
This works for me.
I'm using Ubuntu 16.04.

You don't need to do any firewall configuration in the instance itself. All firewall configuration is done in the Google Cloud console.
The steps I typically follow, as you appear to have figured out in your comment, are:
1. Create the firewall rule, in it opening the particular port you need (10000 in the case of Webmin) for ingress TCP traffic, accepting connections from some IP range (e.g. 0.0.0.0/0), and specifying target tags to be later assigned to instances to which that rule shall apply.
2. Add one of those tags to the "network tags" section of some particular instance.
This alone should work, opening the port for your instance in the firewall.
I was almost creating another question here on SO when yours was suggested as a possible duplicate. I had followed the steps above on my Webmin machine, and yet the machine refused to connect on port 10000. As I kept writing the question, I figured out my particular problem: in the firewall rule, in the source IP range filter, I set the single meta-address 0.0.0.0 instead of the range 0.0.0.0/0. So, to anyone who has followed the steps above and still can't connect to their webmin installation, do check if your source range filter is correctly set.
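
The two steps and the source-range pitfall from the answer above, as an added example that is not part of the original posts and not Google's code. It is a simplified model of one ingress allow rule; the function names, the client address and the treatment of a bare address as a /32 are assumptions made for illustration.

```shell
#!/bin/sh
# Simplified model of a single ingress allow rule (constructed for illustration).

ip_to_int() {                      # dotted quad -> 32-bit integer
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

in_range() {                       # in_range CLIENT_IP SOURCE_RANGE
    case $2 in
        */*) net=${2%/*}; bits=${2#*/} ;;
        *)   net=$2; bits=32 ;;    # assumption: a bare address means /32
    esac
    mask=$(( (4294967295 << (32 - bits)) & 4294967295 ))
    [ $(( $(ip_to_int "$1") & mask )) -eq $(( $(ip_to_int "$net") & mask )) ]
}

# ingress_verdict CLIENT_IP PORT INSTANCE_TAGS RULE_RANGE RULE_PORT RULE_TAG
# Prints "allow" only if the instance carries the rule's target tag, the port
# matches and the client falls inside the source range; otherwise the reason.
ingress_verdict() {
    case " $3 " in
        *" $6 "*) ;;
        *) echo "deny: instance lacks tag $6"; return ;;
    esac
    [ "$2" = "$5" ] || { echo "deny: port $2 not in rule"; return; }
    in_range "$1" "$4" || { echo "deny: $1 outside source range $4"; return; }
    echo "allow"
}

CLIENT=203.0.113.7                 # constructed client address (documentation range)
ingress_verdict "$CLIENT" 10000 "webmin" 0.0.0.0/0 10000 webmin   # range covers everyone
ingress_verdict "$CLIENT" 10000 "webmin" 0.0.0.0   10000 webmin   # single address only
ingress_verdict "$CLIENT" 10000 ""       0.0.0.0/0 10000 webmin   # tag never assigned
```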

Https connection time out since installing PPTP

I have absolutely no doubt that this is human error due to the fact I have no real clue what I am doing.
I recently installed pptp on my ubuntu 12.04 server so that I can vpn as the server.
However I have obviously opened/closed the wrong ports.
Apache starts perfectly as you would expect.
I followed these instructions, point being. I believe my 443 port is closed or similar.
Silly really wasn't it.
Port was closed as I suspected:
iptables -A INPUT -p tcp -d 0/0 -s 0/0 --dport 443 -j ACCEPT

Nancy Mono Self-Host won't start on port 80

I have a self hosted Nancy application running on a Raspberry Pi and I can't get it to bind to port 80!
It works on port 81, 8090 and I even tried other "reserved" ports such as 443. They all work except 80.
I'm starting the app with sudo so it shouldn't be permissions and 81 works too.
sudo mono Lambda.Console.exe
The obvious culprit for this is that something else is using port 80 but I can't find out what it is. I have tried the usual;
netstat -ln - nothing is listening on port 80
telnet port 80 - connection is refused, suggesting nothing is listening
Does anyone have other suggestions? Can a process still be using the port? I'm stuck at this point.
Cheers
Dave

This is a bug in Mono HttpListener; I created a pull request here: https://github.com/mono/mono/pull/891
Unfortunately I did not find a workaround. I will try to find a robust workaround in Nancy, since version releases are more frequent.

I also found a workaround for the issue that involves mapping port 80 to the port your Nancy app has actually bound to.
sudo /sbin/iptables -t nat -A PREROUTING -i eth+ -p tcp --dport 80 -j REDIRECT --to-port 8080
You can undo this using the same command but using -D instead of -A and if you want to check it exists then use -C
Ideally it would be best to use the Nancy patch from #david-karlas or if it comes along a mono fix but if you have to use an old mono version with old Nancy version then this works too.

Making apache server live in CentOS? (Linux Alternative for "Put Online" in WAMP)

Prologue:
I would like to make my site live from my PC(Just for some testing).
In Windows, I just click on the WAMP icon in my tray and it gives me an option to "Put Online", meaning anyone on the internet can access the site if I give them the link(with my ip in it)
Current Situation:
I have switched to CentOS and can't find an option to make it online. I thought that there will be a switch in httpd.exe like
/etc/init.d/httpd restart
But I can't find a proper answer with Google. Help me out.

One question: does your server work locally?
If so, take a look at Small overview for iptables and Port 80
First of all make sure that the following is given:
I) In your httpd.conf look for:
#Listen 12.34.56.78:80
Listen 80
Make sure that Listen 80 is active (or the Port you want to use for)
II) Check your IPTABLES or your Firewall if the Port 80 is free to connect
You have to be a super user to accomplish it.
Open file /etc/sysconfig/iptables:
vi /etc/sysconfig/iptables
This is the standard procedure
Append the following line and save
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
However this did not work for me so I deleted the lines which had "REJECT" in it and it worked
Do not forget to restart iptables service
service iptables restart
Thanks to donald123
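
The rule-order effect behind the first thread's "-I instead of -A?" and behind the appended port-80 line in the last answer that only worked once the REJECT lines were deleted, as an added example that is not part of any post on this page. The ruleset is constructed, `first_match` is a hypothetical helper, and the matching is simplified to `-i`, `-p`, `--state`/`--ctstate`, a single `--dport` and `-j`.

```shell
#!/bin/sh
# Constructed ruleset in iptables-save format (not taken from the page).
BASE='-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited'
NEW_RULE='-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT'

RULES_APPENDED="$BASE
$NEW_RULE"   # what -A, or appending the line to the rules file, produces
RULES_INSERTED="$NEW_RULE
$BASE"       # what -I RH-Firewall-1-INPUT 1 produces

# first_match RULES CHAIN PORT
# Prints "<position> <target>" of the first rule in CHAIN that a NEW TCP
# connection to PORT arriving on a non-loopback interface would hit, or
# "0 POLICY" if no rule in the chain matches. Rules are tested top to bottom
# and the first match decides, which is the behaviour modelled here.
first_match() {
    printf '%s\n' "$1" | awk -v chain="$2" -v port="$3" '
    $1 == "-A" && $2 == chain {
        pos++
        iface = ""; proto = ""; state = ""; dport = ""; target = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-i") iface = $(i+1)
            else if ($i == "-p") proto = $(i+1)
            else if ($i == "--state" || $i == "--ctstate") state = $(i+1)
            else if ($i == "--dport") dport = $(i+1)
            else if ($i == "-j") target = $(i+1)
        }
        if (iface == "lo") next                                   # loopback only
        if (proto != "" && proto != "tcp" && proto != "all") next # other protocol
        if (state != "" && index("," state ",", ",NEW,") == 0) next
        if (dport != "" && dport != port) next                    # other port
        print pos, target; found = 1; exit
    }
    END { if (!found) print "0 POLICY" }'
}

echo "appended: $(first_match "$RULES_APPENDED" RH-Firewall-1-INPUT 80)"
echo "inserted: $(first_match "$RULES_INSERTED" RH-Firewall-1-INPUT 80)"
```

On a live host, `iptables -L -n --line-numbers` shows the same ordering, so a new ACCEPT can be checked against the position of any catch-all REJECT or DROP.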