I have done "semanage port -a -t http_port_t -p tcp 81" and modified httpd.conf to listen on port 81. After restarting the httpd service it is not working, but it is working with the default port 80. I have checked SELinux and it is in fact disabled. Can someone get me out of it?
Any chance you have iptables blocking port 81?
iptables -L
I deployed a website on an Apache server, and curl to the IP address gives a 200 status.
**But** when I try to open the website in a browser, it takes too long to respond.
My Setting:
Server: CentOS 7
Already ran these commands:
sudo iptables -I INPUT -p tcp -m tcp --dport 80 -j ACCEPT &&
sudo iptables -I INPUT -p tcp -m tcp --dport 443 -j ACCEPT
network:
Proto localaddress State Program name
tcp 0.0.0.0:80 LISTEN httpd
tcp 0.0.0.0:443 LISTEN httpd
How do I troubleshoot what is wrong and fix the problem?
I have a system with CentOS 7 installed, and on the second system I have Windows 10. Both machines are connected to a private network. Now I want to access the CentOS machine remotely over ssh.
I checked the IP address of my Windows machine, and then I edited the
/etc/ssh/sshd_config
file on the CentOS system, with the following entries
ListenAddress <Ip_address_of_window_machine>
But when I restart the ssh service using the following command
systemctl restart sshd.service
I get the following error
bind to port 22 on <ip-address> failed. cannot assign requested address
But when I configure entries like this
ListenAddress 0.0.0.0
ListenAddress [::]
it works fine. But I want to bind my ssh to just a particular IP address.
The ListenAddress configuration option tells the sshd process to bind to a specific network interface on the server. If you want to restrict access to a CentOS host then you need to use a firewall. Though firewalld is the proper way to go (with zones and so on), good old iptables will do the job:
sudo iptables -A INPUT -p tcp -s a.b.c.d --dport ssh -j ACCEPT
sudo iptables -A INPUT -p tcp --dport ssh -j REJECT
Where a.b.c.d is the IP address of the Windows host.
NOTICE: By configuring the firewall over the network you can easily lock yourself out!
I have a fresh CentOS 7 and redis (Redis 3.2.12) on it. Redis works great on the default port 6379, but when I change the port in redis.conf I get this error message in the logs: # Creating Server TCP listening socket *:6388: bind: Permission denied. My firewall is disabled (sudo firewall-cmd --state reports not running) and I don't know what can block it.
By default SELinux is enabled in your CentOS. Check it with sudo vi /etc/selinux/config; you need to change SELINUX from enforcing to disabled.
I had the same problem. As Gabriel Pereira mentioned, configuring SELinux to accept the port for redis fixed my problem.
semanage port -a -t redis_port_t -p tcp 6388
Remember to change 6388 to your specified port number.
I was not able to use port 8080 because it was apparently already used.
In order to see which program was using it, I typed the following command in my terminal (on macOS):
sudo lsof -n -i :8080
Here's the result:
httpd is also listening on port 80, which I found out by using the following command:
sudo lsof -n -i :80 | grep LISTEN
Here's the result:
So I went to find out what this "httpd"-process was. Apparently it is basically the web server installed on my machine. The web server installed on my machine is Apache2.
Given this fact I concluded that Apache2 was apparently configured to listen on port 80 AND on port 8080.
BUT: Here's the crazy thing: I went to the folder /etc/apache2 and opened the file "httpd.conf". In the file Apache is configured to listen on port 80 only!!!
Why the hell is it also listening on port 8080?!
How can I make it listen on port 80 only?
CentOS 6.3 Minimal Configuration. Installed SSH Server, port 22. All works correctly.
I change port 22 to 777, restart sshd, and see in the logs:
Jul 26 01:01:07 myserver sshd[1590]: error: Bind to port 777 on 0.0.0.0 failed: Permission denied.
Jul 26 01:01:07 myserver sshd[1590]: error: Bind to port 777 on :: failed: Permission denied.
Jul 26 01:01:07 myserver sshd[1590]: fatal: Cannot bind any address.
/etc/sysconfig/iptables contains:
-A INPUT -m state --state NEW -m tcp -p tcp --dport 777 -j ACCEPT
netstat -tulpn | grep :22 and netstat -tulpn | grep :777 return nothing
CentOS uses SELinux by default and I don't think Ubuntu does (or at least I've not seen it). Have a look for SELinux permission errors in your logs too.
SELinux does not allow sshd to be run on another port on a default install of CentOS 6.3. Follow -> https://blog.tinned-software.net/change-ssh-port-in-centos-with-selinux/ :
dig a hole into your firewall (you already did that)
add a rule for SELinux to allow sshd to be run on port 777: sudo semanage port -a -t ssh_port_t -p tcp 777
You can disable SELinux with the command sudo setenforce 0.
sudo setenforce 0
firewall-cmd --add-port=777/tcp --permanent
firewall-cmd --reload
Port 777 is dedicated for Multiling HTTP and even though not in use you can't bind to it. If you try for example to bind to port 8777 it will work just fine.
The problem is informing SELinux, but I think there are two cases:
The port is not already allocated for a built-in service; in such a case, this may work:
sudo semanage port -a -t ssh_port_t -p tcp 22777
The port is overwriting some existing service (don't ask me why); in this case this slightly different syntax is necessary:
sudo semanage port --modify -t ssh_port_t -p tcp 777
Of course, such ports should then be made available by updating the firewall:
sudo firewall-cmd --add-port=22777/tcp --permanent
or
sudo firewall-cmd --add-port=777/tcp --permanent
and then:
sudo firewall-cmd --reload
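
The choice between -a and --modify in the answers above can be made by checking whether the port is already listed under some type in the output of semanage port -l. The script below is an added example, not part of the original posts: the sample listing is constructed, and the function names port_type and plan_label are hypothetical.

```sh
#!/bin/sh
# Constructed sample in the layout of `semanage port -l` output
# (type, protocol, comma-separated ports); not captured from a real host.
SAMPLE_PORTS='SELinux Port Type              Proto    Port Number

http_cache_port_t              tcp      8080, 8118, 8123, 10001-10010
http_port_t                    tcp      80, 81, 443, 488, 8008, 8009, 8443, 9000
redis_port_t                   tcp      6379, 16379, 26379
ssh_port_t                     tcp      22'

# port_type PROTO PORT: print the type that lists PORT individually, if any.
# Reads the listing on stdin. Range entries such as 10001-10010 never match,
# so a port that only falls inside a range counts as not listed (assumption).
port_type() {
    awk -v proto="$1" -v port="$2" '
        $2 == proto {
            for (i = 3; i <= NF; i++) {
                p = $i; sub(/,$/, "", p)
                if (p == port) { print $1; exit }
            }
        }'
}

# plan_label TYPE PROTO PORT: print the semanage command that would label
# PORT as TYPE, or a note when the label is already in place.
plan_label() {
    want=$1; proto=$2; port=$3
    case $port in
        ''|*[!0-9]*) echo "invalid port: $port" >&2; return 2 ;;
    esac
    have=$(port_type "$proto" "$port")
    if [ -z "$have" ]; then
        echo "semanage port -a -t $want -p $proto $port"
    elif [ "$have" = "$want" ]; then
        echo "already labelled $want"
    else
        echo "note: $proto/$port is currently $have" >&2
        echo "semanage port -m -t $want -p $proto $port"
    fi
}

# On a live host, pipe `semanage port -l` in instead of the sample.
printf '%s\n' "$SAMPLE_PORTS" | plan_label redis_port_t tcp 6388
printf '%s\n' "$SAMPLE_PORTS" | plan_label http_port_t tcp 81
printf '%s\n' "$SAMPLE_PORTS" | plan_label http_port_t tcp 8080
```

The script only prints the command it would run, so the output can be reviewed before the label is changed and before the matching firewall rule is added.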