Unable to connect to cloud server via browser (iptables) - apache

I am not sure if Stack Overflow allows server configuration questions as well, but as this might be related to Apache I hope someone can help. I am trying to set up my cloud server to allow incoming connections on port 80 so that I can see my server files when I enter either http://domain.com in a browser. Apache is installed and I am currently busy setting up my iptables (which I suspect might be the problem).
My current iptables are as follows:
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
As this is my first attempt at this (and my network experience goes with what the GUI on MS machines offers) I am not sure if I did it correctly.
Any ideas?

Managed to get it to work, apache wasn't started :)
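A practical check for a listing like the one above, added here as an example rather than anything from the question: `iptables -L` output hides interface matches, so rule 3 (`ACCEPT all anywhere anywhere`) reads as an accept-everything rule, when on a typical Linux host it is the `-i lo` rule that `iptables -L -v -n` or `iptables -S` would reveal. The script below parses the INPUT chain as pasted, walks it for a new TCP connection to port 80, lists the rules that show no match criteria at all, and re-runs the walk with such a rule excluded. If rule 3 is indeed interface-bound, a new connection to port 80 falls through to the final REJECT, so the firewall would need a port-80 rule in addition to Apache being started. `INPUT_LISTING` is a constructed copy of the question's listing and `SERVICE_PORTS` is my own small map of the names `iptables -L` prints in place of port numbers.

```python
import re

# Constructed copy of the INPUT chain from the question (iptables -L output,
# i.e. without -n or -v, so service names appear and interface matches are hidden).
INPUT_LISTING = """\
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere             state NEW tcp dpt:ssh
REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited
"""

# Service names that iptables -L substitutes for port numbers (subset of /etc/services).
SERVICE_PORTS = {"ssh": 22, "http": 80, "https": 443}


def parse_chain(listing):
    """Parse one chain of `iptables -L` output into (chain name, policy, rules)."""
    lines = listing.strip().splitlines()
    header = re.match(r"Chain (\S+) \(policy (\w+)\)", lines[0])
    chain, policy = header.group(1), header.group(2)
    rules = []
    for line in lines[2:]:                      # lines[1] is the column header
        parts = line.split()
        target, proto, _opt, src, dst = parts[:5]
        extra = " ".join(parts[5:])
        rule = {"target": target, "proto": proto, "src": src, "dst": dst,
                "dport": None, "states": None, "extra": extra}
        dpt = re.search(r"dpt:(\S+)", extra)
        if dpt:
            val = dpt.group(1)
            rule["dport"] = int(val) if val.isdigit() else SERVICE_PORTS[val]
        state = re.search(r"state (\S+)", extra)
        if state:
            rule["states"] = set(state.group(1).split(","))
        rules.append(rule)
    return chain, policy, rules


def rule_matches(rule, proto, dport, state):
    """True if a packet (proto, dport, conntrack state) satisfies every criterion the listing shows."""
    if rule["proto"] not in ("all", proto):
        return False
    if rule["dport"] is not None and rule["dport"] != dport:
        return False
    if rule["states"] is not None and state not in rule["states"]:
        return False
    return True


def verdict(listing, proto, dport, state="NEW", ignore_rules=()):
    """Walk the chain top to bottom; return (target, rule number) of the first match,
    or (chain policy, None) if nothing matches. ignore_rules models rules whose
    hidden interface match (e.g. -i lo) would exclude the packet."""
    _chain, policy, rules = parse_chain(listing)
    for number, rule in enumerate(rules, start=1):
        if number in ignore_rules:
            continue
        if rule_matches(rule, proto, dport, state):
            return rule["target"], number
    return policy, None


def unconditional_rules(listing):
    """Rule numbers that show no match criteria at all. In -L output without -v these
    usually carry an interface match (-i/-o) that the listing does not print."""
    _chain, _policy, rules = parse_chain(listing)
    return [n for n, r in enumerate(rules, start=1)
            if r["proto"] == "all" and r["src"] == r["dst"] == "anywhere"
            and r["dport"] is None and r["states"] is None and not r["extra"]]


if __name__ == "__main__":
    print("new tcp/80 as listed:", verdict(INPUT_LISTING, "tcp", 80))
    print("rules with no visible criteria:", unconditional_rules(INPUT_LISTING))
    print("new tcp/80 if rule 3 is interface-bound:",
          verdict(INPUT_LISTING, "tcp", 80, ignore_rules={3}))
```

The walk generalises to any filter chain whose listing starts with the policy line, but `iptables -S` output is the definitive source because it prints every match a rule carries; use the script to spot where `-L` output is ambiguous, not as a substitute for it.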

Related

tcpreplay traffic not being seen in localhost with netcat

I have a pcap file that I modified with tcprewrite to set source and destination IP = 127.0.0.1, while the port numbers are different. I also set both mac addresses to 00:00:00:00:00:00 as I understand that comms over localhost ignore MAC. I made sure checksum was fixed.
When I run tcpreplay -i lo test-lo.pcap in one shell, and tcpdump -i lo -p udp port 50001 in another, I see the traffic. Yet, when I try to view the traffic with netcat -l -u 50001, it sees nothing. Wireshark is capturing the traffic correctly.
Side note: I'm seeing the following warning when running tcpreplay on localhost:
Warning: Unsupported physical layer type 0x0304 on lo. Maybe it works, maybe it won't. See tickets #123/318
That seems worrisome.
I'm asking because my own UDP listener code is also having the same problem as netcat and thought that maybe I'm missing something. Why would traffic be seen by tcpdump and wireshark, and not by netcat?
Look at this image of the kernel packet flow from wikipedia:
As you can see, there are different places along the path where packets can be accessed. Wireshark uses libpcap, which uses an AF_PACKET socket to see packets. Your UDP listener, like netcat, uses regular user-space sockets. Let's highlight both on this image. Wireshark obtains packets via the red path, netcat via the purple one:
As you can see, there is a whole sequence of steps packets have to go through in the kernel to get to a local process socket. These steps include bridging, routing, filtering etc. Which step drops your packets? I don't know. You can try tweaking the packets and maybe you'll get lucky.
If you want a more systematic approach, use a tool like dropwatch. It hooks into the kernel and shows you counters of where the kernel drops packets.

Virtualbox not port forwarding port 8080 but other ports are ok

I am running Ubuntu 18.04 on my VirtualBox and my host machine is a Mac. There is a service active on port 8080 on the VM but I have port forwarded that to my host the same way that I have done it for other ports via Settings -> Network -> Port Forwarding. I have confirmed that other ports are properly port forwarded as I can actually see a different webpage hosted on port 5000. (And port 22 is working as that's how I ssh to my VM.) I am not able to see a webpage when I visit http://127.0.0.1:8080 or http://localhost:8080
My problem is that I am not sure why I'm having trouble with port 8080, where my Vue app is running. After running the command "yarn serve", I get
App running at:
- Local: http://localhost:8080/ (copied to clipboard)
[19:11:02] Server listening on localhost:8080
Some of the things I've checked are:
Firewall:
sudo ufw status
Status: inactive
sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Running nmap on VM shows:
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
5000/tcp open upnp
5432/tcp open postgresql
8080/tcp open http-proxy
Running nmap on host machine shows:
PORT STATE SERVICE
22/tcp open ssh
5000/tcp open upnp
5001/tcp open commplex-link
5050/tcp open mmcc
8000/tcp open http-alt
8080/tcp open http-proxy
If I do curl localhost:5000 from host I get what is expected but if I do curl localhost:8080 I get
curl: (56) Recv failure: Connection reset by peer
Note: doing curl on both ports 5000 and 8080 returns information as expected from Ubuntu VM.
What's my problem?
If this is off topic please redirect me. I've tried posting on stackexchange network engineering but it doesn't even have the virtualbox tag.
I ended up running the project on my host and it worked straight away. I also created a new Vue app on the VM and was able to view the webpage from the host's browser. My guess is that the project that couldn't be seen on the host browser is also using other services running on different ports which I have not port forwarded. Although this is just my guess.
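One detail in the output above is worth checking: `yarn serve` reports `Server listening on localhost:8080`. A socket bound only to 127.0.0.1 accepts connections that arrive at that address and answers anything arriving at any other address of the guest with a reset, which is the "Connection reset by peer" a host sees when a VirtualBox NAT rule forwards a connection to the guest's interface address. The script below, an added example that is not part of the question, reproduces that behaviour locally: it starts a listener bound to 127.0.0.1 and one bound to 0.0.0.0, and probes each from 127.0.0.1 and from 127.0.0.2 (the second loopback address stands in for "any address other than 127.0.0.1", such as a VM's NAT interface; this assumes Linux, where the whole 127.0.0.0/8 range is on the loopback interface).

```python
import socket
import threading


def _accept_one(listener):
    """Server side: accept a single connection (or give up on timeout) and close it."""
    try:
        conn, _peer = listener.accept()
        conn.close()
    except OSError:            # includes the accept timeout and the listener being closed
        pass


def probe(bind_addr, connect_addr):
    """Bind a listener to bind_addr on an ephemeral port, then try to reach it via connect_addr.
    Returns 'ok', 'refused' (the kernel sent a RST: nothing listens on that address/port)
    or 'error' for any other failure (e.g. connect timeout)."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind((bind_addr, 0))              # port 0: let the kernel pick a free port
    listener.listen(1)
    listener.settimeout(2)
    port = listener.getsockname()[1]
    threading.Thread(target=_accept_one, args=(listener,), daemon=True).start()

    client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    client.settimeout(2)
    try:
        client.connect((connect_addr, port))
        return "ok"
    except ConnectionRefusedError:
        return "refused"
    except OSError:
        return "error"
    finally:
        client.close()
        listener.close()


def bind_scope_report():
    """Compare a loopback-only listener with an all-interfaces one, each reached from
    127.0.0.1 and from 127.0.0.2 (constructed stand-in for a non-loopback address)."""
    return {bind: {src: probe(bind, src) for src in ("127.0.0.1", "127.0.0.2")}
            for bind in ("127.0.0.1", "0.0.0.0")}


if __name__ == "__main__":
    for bind, results in bind_scope_report().items():
        print(f"listener bound to {bind}: {results}")
```

Expected on Linux: the 127.0.0.1-bound listener returns 'ok' from 127.0.0.1 and 'refused' from 127.0.0.2, while the 0.0.0.0-bound listener returns 'ok' from both. For a dev server inside a VM, the equivalent fix is to bind to 0.0.0.0 or the guest's interface address rather than localhost (Vue CLI accepts `vue-cli-service serve --host 0.0.0.0`), which also means that port is now exposed to whatever the VM's network can reach, so the forwarding rule should stay as narrow as the host-only use needs.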

HTTPS traffic doesn't work with VPN and Proxy

I have:
VPN server (SoftEther), to which I connected.
iptables rules to send all traffic from the VPN to the proxy server.
Proxy server (Java). I use LittleProxy https://github.com/adamfisk/LittleProxy. It doesn't intercept HTTPS traffic.
All these items connected like this:
VPN client ===> VPN server ===> Proxy server ===> Internet
HTTP traffic works fine, but HTTPS doesn't.
When I try to go to https://google.com, I see an error in Chrome:
This site can't provide a secure connection
When I connect the browser directly to the proxy server, HTTPS works fine.
When I connect only to the VPN server, HTTPS works fine.
The same problem appears, if I switch VPN to OpenVPN.
After sniffing traffic I identified that HTTPS requests are trying to go via the HTTP protocol to an HTTPS address. It seems to be some issue with redirects, since when I just go to www.google.com, after 2 redirects (generated by Google) I am able to reach Google via HTTPS, but when I enter https://google.com I get the error.
In Wireshark I got a 400 error:
Expert Info (Warning/Security): Unencrypted HTTP protocol detected over encrypted port, could indicate a dangerous misconfiguration.
My iptables rules:
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DNAT tcp -- ip-192-168-200-0.ec2.internal/24 anywhere tcp dpt:http to:172.31.64.145:9090
DNAT tcp -- ip-192-168-200-0.ec2.internal/24 anywhere tcp dpt:https to:172.31.64.145:9090
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- ip-192-168-200-0.ec2.internal/24 anywhere
MASQUERADE all -- ip-192-168-200-0.ec2.internal anywhere
where 172.31.64.145:9090 is the IP of the proxy server.
The VPN server and proxy server run on the same AWS instance.
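The Wireshark expert info quoted above is the heuristic that matters here: the first bytes a server sees on port 443 should be a TLS record header (`0x16 0x03 0x0x`, the start of a ClientHello), not an HTTP request line. The PREROUTING chain DNATs both `dpt:http` and `dpt:https` to the same 172.31.64.145:9090, so a connection the browser opens as TLS to port 443 is delivered to a proxy that only speaks plain HTTP, which answers the ClientHello with an HTTP 400, and the browser reports that the site cannot provide a secure connection. The script below is an added example, not code from the question or from LittleProxy: `classify_first_bytes` implements the TLS-versus-plaintext check over constructed sample payloads, and `https_shares_http_target` flags the shared DNAT target in a constructed copy of the PREROUTING listing.

```python
import re

# Constructed sample payloads: what a server socket sees as the first bytes of a connection.
# A TLS ClientHello begins with a record header: type 0x16 (handshake), version 0x0301..0x0303,
# followed by the handshake header and the 32-byte client random (zeroed here).
TLS_CLIENT_HELLO_HEAD = bytes.fromhex("160301 00c8 01 0000c4 0303") + b"\x00" * 32
PLAIN_GET = b"GET / HTTP/1.1\r\nHost: google.com\r\n\r\n"
PROXY_400 = b"HTTP/1.1 400 Bad Request\r\nContent-Length: 0\r\n\r\n"

HTTP_METHODS = ("GET", "POST", "PUT", "HEAD", "DELETE", "OPTIONS", "CONNECT", "PATCH", "TRACE")

# Constructed copy of the nat PREROUTING chain from the question.
PREROUTING_LISTING = """\
Chain PREROUTING (policy ACCEPT)
target     prot opt source                              destination
DNAT       tcp  --  ip-192-168-200-0.ec2.internal/24    anywhere             tcp dpt:http to:172.31.64.145:9090
DNAT       tcp  --  ip-192-168-200-0.ec2.internal/24    anywhere             tcp dpt:https to:172.31.64.145:9090
"""


def classify_first_bytes(payload):
    """Classify the opening bytes of a connection on a port that is supposed to carry TLS:
    'tls-handshake', 'plaintext-http' (the Wireshark warning case) or 'unknown'."""
    if len(payload) >= 3 and payload[0] == 0x16 and payload[1] == 0x03 and payload[2] <= 0x04:
        return "tls-handshake"
    head = payload[:12]
    if not head.isascii():
        return "unknown"
    text = head.decode("ascii")
    if text.startswith("HTTP/") or any(text.startswith(m + " ") for m in HTTP_METHODS):
        return "plaintext-http"
    return "unknown"


def dnat_targets(nat_listing):
    """Map destination service (as iptables -L prints it) -> DNAT target for TCP rules."""
    targets = {}
    for line in nat_listing.splitlines():
        m = re.match(r"DNAT\s+tcp\s.*\bdpt:(\S+).*\bto:(\S+)", line)
        if m:
            targets[m.group(1)] = m.group(2)
    return targets


def https_shares_http_target(nat_listing):
    """True when TLS traffic (dpt:https) is redirected to the same endpoint as plain HTTP,
    i.e. to something that will receive a ClientHello it cannot terminate."""
    targets = dnat_targets(nat_listing)
    return "https" in targets and targets["https"] == targets.get("http")


if __name__ == "__main__":
    for name, sample in (("ClientHello", TLS_CLIENT_HELLO_HEAD), ("GET", PLAIN_GET), ("400", PROXY_400)):
        print(f"{name:<12} -> {classify_first_bytes(sample)}")
    print("DNAT targets:", dnat_targets(PREROUTING_LISTING))
    print("https shares the http target:", https_shares_http_target(PREROUTING_LISTING))
```

Both checks are defensive: the first is what a listener or IDS can run on the first segment of any TLS-designated port to catch plaintext arriving there (or, as in this capture, an HTTP response being sent back to a TLS client), and the second can be run over `iptables -t nat -L` output to catch redirection rules that deliver TLS to a plaintext-only endpoint.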

Getting timeout when access the 80 port

I'm using the new Azure cloud app and I have created a new VM with Ubuntu 14.04.
I installed apache2 and some common modules (like php5).
Well, after that, I configured my app, but when I tried to access it, the browser showed "Timeout" (using Chrome). "ping" maps the hostname to the IP address but doesn't get any response (I suppose that ping is disabled by default).
At first I thought it was my app, so I only set the default Apache settings in the "sites-enabled" folder (the one with the static HTML page that comes with Apache).
But the same happens, so I checked the usual things like firewall, iptables rules, etc. But I always get the same result :/
This is not my first server, but I'm not able to think of another option, so I just want to check what you guys think could be the problem.
iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:68
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ufw status
Status: inactive
default settings in the sites-enabled folder (I erased the comment lines)
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
netstat -ntlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1654/sshd
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 34899/postgres
tcp 0 0 x2.x2.x2.x2:16001 (other ip diff from server's ip) 0.0.0.0:* LISTEN 937/python
tcp6 0 0 :::80 :::* LISTEN 48801/apache2
tcp6 0 0 :::22 :::* LISTEN 1654/sshd
telnet ip 80 (from my pc)
Connecting To x.x.x.x...Could not open connection to the host, on port 80: Connect failed
telnet localhost 80
Connected to localhost.
Escape character is '^]'.
exit
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>501 Not Implemented</title>
</head><body>
<h1>Not Implemented</h1>
<p>exit to / not supported.<br />
</p>
<hr>
<address>Apache/2.4.7 (Ubuntu) Server at x3.x3.x3.x3 Port 80</address>
</body></html>
Connection closed by foreign host.
The IPs x2.x2.x2.x2 and x3.x3.x3.x3 have the same value but they aren't equal to the server IP. (At least it isn't the same IP value I use to connect to the VM by SSH.)
Sounds like it might be an endpoint. By default, when you create a virtual machine in the Azure portal, endpoints for Remote Desktop, Windows PowerShell Remoting, and Secure Shell (SSH) are automatically created.
You will have to go into the Azure portal to configure additional endpoints.
Each endpoint has a public and a private port. The public port is used for outside requests/traffic coming into the VM through the load balancer. The private port is used by the VM for incoming traffic to route to the proper port/app.
Here is a link on Azure help that talks about setting up endpoints:
https://azure.microsoft.com/en-us/documentation/articles/virtual-machines-set-up-endpoints/
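To place the failure either inside the guest or beyond it, the `netstat -ntlp` listing above is the key piece: apache2 is bound to `:::80`, which on Linux (with the default `net.ipv6.bindv6only=0`) accepts IPv4 as well as IPv6 on every interface, and `telnet localhost 80` confirms it answers. The script below is an added example, not from the question or the answer: it parses a constructed copy of that listing (the redacted `x2.x2.x2.x2` replaced with the documentation address 203.0.113.5) and classifies each listening port as loopback-only, single-address or all-interfaces. A port that is all-interfaces locally but unreachable from outside points past the VM, to the cloud endpoint or firewall layer the answer describes; a loopback-only port, like the postgres one here, would never be reachable externally whatever the endpoints say.

```python
from ipaddress import ip_address

# Constructed copy of the netstat -ntlp listing from the question; the redacted
# address x2.x2.x2.x2 is replaced with the documentation address 203.0.113.5.
NETSTAT_LISTING = """\
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1654/sshd
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN      34899/postgres
tcp        0      0 203.0.113.5:16001       0.0.0.0:*               LISTEN      937/python
tcp6       0      0 :::80                   :::*                    LISTEN      48801/apache2
tcp6       0      0 :::22                   :::*                    LISTEN      1654/sshd
"""

SCOPE_RANK = {"loopback-only": 0, "single-address": 1, "all-interfaces": 2}


def parse_listeners(text):
    """Return one dict per LISTEN line of `netstat -ntlp` output."""
    listeners = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 7 or not parts[0].startswith("tcp") or parts[5] != "LISTEN":
            continue
        addr, port = parts[3].rsplit(":", 1)       # ':::80' -> ('::', '80')
        pid, _, program = parts[6].partition("/")
        listeners.append({"proto": parts[0], "addr": addr, "port": int(port),
                          "pid": pid, "program": program})
    return listeners


def bind_scope(addr):
    """Classify a local bind address by how widely it is reachable."""
    if addr in ("0.0.0.0", "::"):
        return "all-interfaces"      # on Linux '::' also takes IPv4 unless IPV6_V6ONLY is set
    return "loopback-only" if ip_address(addr).is_loopback else "single-address"


def exposure(text, port):
    """Widest bind scope among the listeners on `port`, or 'not-listening'."""
    scopes = [bind_scope(l["addr"]) for l in parse_listeners(text) if l["port"] == port]
    if not scopes:
        return "not-listening"
    return max(scopes, key=SCOPE_RANK.__getitem__)


def report(text):
    """Port -> (program, exposure) for every listening port in the listing."""
    out = {}
    for l in parse_listeners(text):
        out[l["port"]] = (l["program"], exposure(text, l["port"]))
    return out


if __name__ == "__main__":
    for port, (program, scope) in sorted(report(NETSTAT_LISTING).items()):
        print(f"{port:>6}  {program:<10} {scope}")
```

Reading the result together with the two telnet tests in the question gives the ladder a practitioner walks: listener present and all-interfaces, local connect succeeds, remote connect fails, so the next layer to inspect is outside the guest kernel. The same parser applied to a VM that reports `127.0.0.1:8080` would instead stop at the first rung.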

In UDP, destination

In UDP, the destination IP and destination port number are used to demultiplex the packets, but in TCP the destination IP, source IP, destination port number and source port number (the 4-tuple) are all needed to distinguish between the connections. What is the reasoning for this usage?
This is entirely due to the fact that UDP is connectionless - it doesn't have any concept of connections, so it is only the destination address that matters.
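As an added example (not part of the question or the answer), the two functions below make the difference concrete with loopback sockets: a single UDP socket receives datagrams from several senders and can only tell them apart through the source address that recvfrom() hands back, whereas a TCP listener returns a separate socket per accepted connection, each tied to its own 4-tuple, and bytes from a given client arrive only on that client's socket.

```python
import socket


def udp_demux_demo(n_senders=3):
    """One UDP socket bound to (127.0.0.1, port) receives datagrams from n_senders
    different sockets. The kernel delivers on destination address/port alone, so the
    application must read the source address from recvfrom() to tell senders apart."""
    server = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    server.bind(("127.0.0.1", 0))              # port 0: kernel picks a free port
    server.settimeout(2)
    dst = server.getsockname()
    senders = [socket.socket(socket.AF_INET, socket.SOCK_DGRAM) for _ in range(n_senders)]
    for i, s in enumerate(senders):
        s.sendto(f"datagram {i}".encode(), dst)   # each sender gets its own ephemeral port
    sources = set()
    for _ in senders:
        _data, src = server.recvfrom(1024)
        sources.add(src)
    for s in senders:
        s.close()
    server.close()
    return {"receiving_sockets": 1, "distinct_sources": len(sources)}


def tcp_demux_demo(n_clients=3):
    """A TCP listener hands out one socket per accepted connection; each is identified
    by a distinct (src ip, src port, dst ip, dst port) and data from a client only
    ever arrives on the socket for that 4-tuple."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(n_clients)
    listener.settimeout(2)
    dst = listener.getsockname()
    clients = [socket.create_connection(dst, timeout=2) for _ in range(n_clients)]
    accepted = [listener.accept()[0] for _ in range(n_clients)]
    for c in accepted:
        c.settimeout(2)
    four_tuples = {(c.getpeername(), c.getsockname()) for c in accepted}
    # Routing check: bytes sent by client i must show up on the accepted socket whose peer is client i.
    by_peer = {c.getpeername(): c for c in accepted}
    correctly_routed = 0
    for i, client in enumerate(clients):
        msg = f"stream {i}".encode()
        client.sendall(msg)
        if by_peer[client.getsockname()].recv(64) == msg:
            correctly_routed += 1
    for s in clients + accepted + [listener]:
        s.close()
    return {"listening_sockets": 1, "connection_sockets": len(accepted),
            "distinct_4tuples": len(four_tuples), "correctly_routed": correctly_routed}


if __name__ == "__main__":
    print("UDP:", udp_demux_demo())
    print("TCP:", tcp_demux_demo())
```

The UDP result shows one socket and several sources; the TCP result shows one listening socket plus one connection socket per client, and every message landing on the socket that matches its sender's 4-tuple.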