I want to use my raspberry pi, which runs Manjaro ARM, as a server for my local network. I have a golang server running permanently using systemd services. However, I can't access the website from another computer in the network. I disabled iptables and nftables but it still did not work. The server is running and I can even access the website, but only when using curl on the pi itself.
A ping from another machine works fine but scanning the port with nmap fails (the port is marked as filtered)
My code worked fine on my laptop, which runs regular Manjaro, I was able to access the website from any device on the network (even though iptables was not disabled there)
ss -lnt outputs:
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 4096 0.0.0.0:5355 0.0.0.0:*
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 4096 [::]:5355 [::]:*
LISTEN 0 4096 *:80 *:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 4096 *:443 *:*
curl -k https://andre-pi outputs Permanent Redirect but only when run on the pi
Any suggestions what else I could try?
With which command have you tried to access the website with curl? And does the server listen to 0.0.0.0 or 127.0.0.1?
Found the answer. There was another firewall I didn't know about called firewalld. I found it by going through all the installed packages with pacman -Qqe wich I piped through less.
Related
I have a Digital Ocean droplet running a NodeJS app with a Mongo DB v 3.2.21. I have been using the Compass app to access the DB via its SSH tunnel option, however it stopped working and is giving me this error when I try to connect:
connect ECONNREFUSED 127.0.0.1:27017.
The Compass configuration is using:
Hostname: localhost
Port: 27017
Authentication: None
SSH Tunnel: Use Identity File
SSH Hostname:
SSH Tunnel Port: 22
SSH Username: root
SSH Identity File: ID_RSA
The result of netstat -ntlp | grep LISTEN on the remote machine is:
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 621/systemd-resolve
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 3209/sshd
tcp 0 0 127.0.0.1:27017 0.0.0.0:* LISTEN 8395/mongod
tcp6 0 0 :::80 :::* LISTEN 9009/node /app/app.
tcp6 0 0 :::22 :::* LISTEN 3209/sshd
tcp6 0 0 :::443 :::* LISTEN 9009/node /app/app.
Some possible clues:
The Compass app is running on a Mac that I just updated to 10.15.4 - I am not 100% sure that the problem coincided with this update but it seems suspicious.
I can SSH into the remote machine using the same credentials via Terminal on my Mac. When I SSH in, I can run the Mongo shell fine, read the db, etc.
My nodeJS app can access the DB fine.
If I stop the app, same message.
If I stop the app and also stop the mongod service, the error message is: Error creating SSH Tunnel: (SSH) Channel open failure: Connection refused
So I think the SSH tunnel is working, but Mongo is refusing the connection (?)
Any help, or pointers would be greatly appreciated. Thanks.
I was having same issue. According to #user2876623's suggestion the problem lies with the Compass app. I just updated Compass to the latest version and it worked fine.
I am building a home server on Raspberry Pi 3 model A+ and am trying to set up Webmin. IP is 192.168.2.16 and the hostname is raspberrypi. Using SSH, I downloaded Webmin and ran it on port 10000, but I cannot access it on my browser at raspberrypi:10000. I can access raspberrypi, though.
I tried restarting it, reinstalling it, and changing the port number as in this post Unable to access Webmin through browser, but none of these seemed to work.
Firewall is disabled as default on Raspberry Pi, so it should not be an issue.
The port is accepting connections and I can access it through the command line, but on the browser the website never loads.
$ nc -zvw 3 raspberrypi 10000
Connection to raspberrypi 10000 port [tcp/webmin] succeeded!
$ netstat -an | grep 10000
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN
tcp 0 0 192.168.2.16:10000 192.168.2.13:53130 ESTABLISHED
udp 0 0 0.0.0.0:10000 0.0.0.0:*
Any help would be appreciated.
Accessing https://raspberrypi:10000 instead of http worked.
I have an embedded device which when connected via usb, it gets a IP assigned. I should be able to telnet to this device using the assigned IP. I can see this in the ifconfig of my ubuntu machine.
Problem:
When I try to telnet, it does not connect and waits endlessly.
Workaround:
Disconnect the usb interface on my ubuntu system and run command $sudo dhclient enp0s20f0u9 manually. This refreshes the usb interface IP (getting the same ip address reassigned) but this time I can successfully telnet to the device.
This I need to do every time I plug in the device using usb. Very annoying. Any idea how to fix this permanently?
Another workaround solution is via updating the routing table.
The routing table at first was:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.16.8.1 0.0.0.0 UG 100 0 0 enp0s31f6
169.254.0.0 0.0.0.0 255.255.255.252 U 100 0 0 enp0s20f0u9
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 docker0
169.254.0.1 169.254.0.2 255.255.255.255 UGH 100 0 0 enp0s20f0u9
172.16.8.0 0.0.0.0 255.255.254.0 U 100 0 0 enp0s31f6
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
As we see, there are two entries for the interface enp0s20f0u9. Deleting the below route also solved the issue.
sudo route del -net 169.254.0.1 gw 169.254.0.2 netmask 255.255.255.255 dev enp0s20f0u9
Apparently this problem exists after Ubuntu 14.04. This post provides a solution but I am not keen on trying this if it will break something else.
I have a Abinitio process running on a Red hat server.
This process is basically a webservice, which is bound to a port on this running unix server.
The front end sends request to this UNIX PORT, which is in turn read by abinitio process and processed further.
How can I identify if the process is bound to the unix port or not?
I face a weird situation every Monday(over the weekend), When I try to hit the webservice through SOAP , I get socket timeout exception.
TO solve this I have to stop and start the process.
I want to identity which all sockets are not responding , given the list of ports.
netstat -lnp will list the pid and process name next to each listening port. This will work under Linux, but not all others (like AIX.) Add -t if you want TCP only.
root#c27bf9ed63c5:/# netstat -lnpt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp6 0 0 127.0.0.1:8005 :::* LISTEN 1/java
tcp6 0 0 :::8009 :::* LISTEN 1/java
tcp6 0 0 :::8080 :::* LISTEN 1/java
Since this is on a UNIX, lsof -i :port_number will give you details of what process is bound to the given port
Use netstat command.
netstat -anp | grep pid
You can also use the nmap to check which ports are listening for a machine.
nmap -sT -O machine_ip
I got Opensips on an Ubuntu Cloud Server, it is listenning the port 5060.
sudo netstat -lpn | grep opensips
tcp 0 0 42.123.76.60:5060 0.0.0.0:* LISTEN 5177/opensips
udp 0 0 42.123.76.60:5060 0.0.0.0:* 5177/opensips
But I test on the remote pc client with tools, and shows that the 5060 was closed:
enter link description here to checking the port status!!
nmap -p5060 42.123.76.60
PORT STATE SERVICE
5060/tcp closed sip
Nmap done: 1 IP address (1 host up) scanned in 0.21 seconds
I am wondering that will it results to nothing received from sip clients
Jitsi on my pc sended REGISTER, meanwhile, the remote Opensips got nothing.
Thanks for your attention, I really appreciate your help!
Have you implemented any firewall? Try "iptables -F"