I'm new to linux server. I install mongodb on centos 6.3. And I run the mongodb server in this command:
mongod -config /etc/mongodb.conf &
And i'm sure that I have make bind_ip to listen all ip:
# mongodb.conf
# Where to store the data.
dbpath=/var/lib/mongodb
#where to log
logpath=/var/log/mongodb/mongodb.log
logappend=true
rest = true
bind_ip = 0.0.0.0
port = 27017
But, I cannot make mongodb remote access either. my server ip is 192.168.2.24,and I run mongo in my local pc to access this mongodb, it show me this error:
Error: couldn't connect to server 192.168.2.24:2701
7 (192.168.2.24), connection attempt failed at src/mongo/shell/mongo.js:148
exception: connect failed
But, I can access this mongodb in server where mongodb install using this command:
mongo --host 192.168.2.24
So, I think it may success to make mongo remote access, but maybe something wrong with linux server,maybe firewall? So,I try to use the command to check the port whether open for remote access:
iptables -L -n | grep 27017
nothing is returned, then I add port to iptalbes using this command:
iptables -A INPUT -p tcp --dport 27017 -j ACCEPT
iptables -A OUTPUT -p tcp --source-port 27017 -m state --state ESTABLISHED -j ACCEPT
and save the iptables & restart it:
iptables-save | sudo tee /etc/sysconfig/iptables
service iptables restart
I can see port of 27017 is added to iptables list, but it still not work at all. I think it may not success in opening the port of 27017. How should I do for it? I'm new to linux server,by the way my linux server pc is offline. So it can't use the command about "yum". please give me solution in detail. Thanks so much.
It seems like the firewall is not configured correctly.
Disclaimer: Fiddling with firewall settings has security implications. DO NOT USE THE FOLLOWING PROCEDURE ON PRODUCTION SYSTEMS UNLESS YOU KNOW WHAT YOU ARE DOING!!! If in the slightest doubt, get back to a sysadmin or DBA.
The problem
Put simply, a firewall limits the access to services like MongoDB running on the protected machine by unauthorized parties.
CentOS only allows access to ssh by default. We need to configure the firewall so that you can access the MongoDB service.
The solution
We will install a small tool provided by CentOS < 7 (version 7 provides different means), which simplifies the use of iptables, which in turn configures netfilter, the framework of the Linux kernel allowing manipulation of network packets – thus providing firewall functionality (amongst other cool things).
Then, we will use said tool to configure the firewall functionality so that MongoDB is accessible from everywhere. I can't give you a more secure configuration, since I do not know your network setup. Again, use this procedure on production systems at your own risk. You have been warned!
Installation of system-config-firewall-tui
First, you have to log into your CentOS box as root, which allows installation and deinstallation of packages and change system-wide configurations.
Then, you need to issue (the dollar sign denotes the shell prompt)
$ yum -y install system-config-firewall-tui
The result should look something like this
Configuration of the firewall
Next, you need to start the tool we just installed
$ system-config-firewall-tui
which will create a small command line GUI:
Do not simply disable the firewall!.
Press Tab or →| respectively, until the "Customize" button is highlighted. Now press ↵. In the next screen, highlight "Forward" and press ↵. You now should be in a screen called "Other Ports",
in which you highlight "Add" and press↵. This brings you to a screen "Port and Protocol" which you fill like shown below
The configuration explained: MongoDB uses TCP for communicating with the clients and it listens on port 27017 by default for a standalone instance. Note that you might need to change the port according to the referenced list in case you do not run a standalone instance or replica set.
The next step is to highlight "OK" and press ↵, which will seemingly clear the inputs. However, the configuration we just made is saved. So we will press "Cancel" and return to the "Other Ports" screen, which should now look like this:
Now, we press "Close" and return to the main screen of "system-config-firewall-tui". Here, we press "Ok" and the tool asks you if you really want to apply those the changes you just made. Take the time to really think about that. ;)
Pressing "Yes" will now modify the firewall rules executed by the Linux kernel.
We can verify that by issuing
$ iptables -L -n | grep 27017
which should result in the output below:
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:27017
Now you should be able to connect to your MongoDB server.
Related
How do i stop this?
Session stopped
- Press <return> to exit tab
- Press R to restart session
- Press S to save terminal output to file
Network error: Software caused connection abort
It looks SSH keepalive setting has no effect there
If you are still looking for the answer like me, here you go!
Settings -> Configuration -> SSH -> SSH keepalive
Restart MobaXTerm after changing the setting for it to take effect.
https://superuser.com/a/1298536
In my case I have SSH keepalive option checked but this happens every now and then.
So what I do is.
Disable (uncheck) SSH keeaplive close MobaXterm
Open MobaXterm and check SSH keeaplive close MobaXterm (again)
Open MobaXterm enjoy the stability for a couple of weeks...
I am using a licensed version on a computer running Windows 10 Professinal version 20H2.
Both solutions posted above (by #helloworld & #jepachecoh) actually work but there may be need for extra work, so here are a few additions.
The two options above work if:
1. You're connecting to a host (destination server) that is running SSH (daemon) but doesn't have any session timeout configurations set for connecting SSH clients.
2. You're connecting to a host that already has SSH client timeout configuration set but the set value (on the remote host) is either higher than, or equal to the "keepalive" value you have set on your SSH client (like MobaXterm, Putty etc).
If the destination server's "SSH keepalive configurations for the clients" are set, they override your remote client SSH keepalive configurations, hence controlling the session timeouts.
To find out if there are any configs set on the destination server's SSH configurations, use the command below (as root, or a user with sudo privileges):
$ cat /etc/ssh/sshd_config | grep "ClientAlive"
The command above works on multiple Linux and Solaris flavours.
If you don't have admin access to the destination server, your Systems administrator may be managing your session timeouts irrespective of the "keepalive" parameters you set on your SSH client before connecting.
Lastly, if you are using VPN software, or connecting to a demilitarized zone (DMZ), sometimes the session timeouts are controlled at that level (firewall level), so involve your Network administrator.
Bottom line, love your administrators. :-)
I wanted to ease the development by installing MailHog on my centos linux development environment in my virtual box. The php mail() function doesn't report any issues (that is, it returns TRUE) but the outgoing mails did not appear in MailHog. How should I set it up correctly?
Follow these steps:
Download the appropriate MailHog version from https://github.com/mailhog/MailHog/releases. I use MailHog_linux_amd64 in this example but you may need a different version. I assume you use your home directory to store your files. In the likely case you don't do this, please, make the required modifications accordingly.
If your VM uses ip filtering then you should allow the communication through port 8025 with adding a line to the iptable config and restarting it:
vim /etc/sysconfig/iptables
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8025 -j ACCEPT
service iptables restart
Launch MailHog with the following command:
./MailHog_linux_amd64 -hostname=mylocal.vbox:8025
where mylocal.vbox is the domain name how the host sees the VM. Now you should see some lines detailing which IP addresses and ports it uses.
Download mhsendmail from here: https://github.com/mailhog/mhsendmail/releases.
Change it to be executable (adjust the path of the file accordingly):
chmod 777 /home/you/mhsendmail_linux_amd641
Change your php.ini to use mhsendmail instead of sendmail:
vim /etc/php.ini
sendmail_path = "/home/you/mhsendmail_linux_amd64"
service httpd restart
View the MailHog web interface from your host computer (use the host name we used above): http://mylocal.vbox:8025/. The webmail interface of MailHog should appear.
Test mail sending from the command line of the VM with this oneliner:
php -r "\$from = \$to = 'your.emailaddress#gmail.com'; \$x = mail(\$to, 'subject'.time(), 'Hello World', 'From: '. \$from); var_dump(\$x);"
It should display true and the web interface of the MailHog should display the new email.
Have fun, send as many emails via the mail() function of php as you want.
Some more ideas:
If you want to override the default IP address and port settings then you should use the following syntax:
./MailHog_linux_amd64 -ui-bind-addr=192.168.56.104:8026 -api-bind-addr=192.168.56.104:8026 -hostname=mylocal.vbox:8026 -smtp-bind-addr=192.168.56.104:8025
In this case you will have to escape the settings in php.ini this way:
sendmail_path = "/home/you/mhsendmail_linux_amd64 --smtp-addr=""192.168.56.104:8025"""
My Go application makes TLS connections via tls.Dial() to exchange data.
It works fine when run from the host:
But the outgoing connection doesn't seem to work when the app is run from a Docker container. The app hangs indefinitely.
Note 1: Same behavior with using docker run -p $(docker-machine ip):2500:2500 ...
Note 2: VM doesn't have extra port forwarding settings other than the default settings that came with docker-machine's default VM.
Docker image build with Dockerfile:
FROM golang:latest
RUN mkdir -p "$GOPATH/src/path/to/app"
# Install dependencies
RUN go get github.com/path/to/dep
VOLUME "$GOPATH/src/path/to/app"
EXPOSE 2500
WORKDIR "$GOPATH/src/path/to/app"
CMD ["go", "run", "main.go"]
Host is OS X running docker-machine.
Question
How can I make the TCP outgoing connection to work?
You are either using boot2docker or docker-machine (since you are running docker on OSX). If you are using boot2docker, you have to forward the ports on VirtualBox as well as docker, have a look at this blog post:
https://fogstack.wordpress.com/2014/02/09/docker-on-osx-port-forwarding/
If you are using docker-machine, you have to connect to the docker-machine assigned ip, not localhost, have a look at this post:
https://github.com/docker/machine/issues/710
I see now that you are using docker-machine specifically, so the post about docker-machine should answer your question.
Edit: I misunderstood the question. You are trying to make an outgoing connection on a forwarded port. That is not correct. By default docker can make outgoing connections on any port. The port forwarding is for incoming connections only. Please try again without specifying any ports to forward. My suspicion is that you are trying to make an outgoing connection on the incoming (forwarded) port.
I've just had exactly the same problem. Was unable to connect out at all.
Restarted the container, and suddenly outgoing connections worked fine. It's possible that the container survived an update of docker?
Currently using Docker version 18.09.3, build 774a1f4
Usage: [options]
Options:
--help, -h Show this help message and exit.
--server=SERVER The server to use to determine the latest
-s SERVER SDK version.
--address=ADDRESS The address of the interface on the local machine
-a ADDRESS to bind to (or 0.0.0.0 for all interfaces).
--port=PORT The port number to bind to on the local machine.
-p PORT
--sdk_root=DIR Overrides where the SDK is located.
--disable_update_check Disable the check for newer SDK versions.
--generated_dir=DIR Set the directory where generated files are created.
--jvm_flag=FLAG Pass FLAG as a JVM argument. May be repeated to
supply multiple flags.
I had come across similar problem while working with Google App Engine for Python-loalhost was not getting its connection established.
$fuser -k 8080/tcp
Try this in terminal/command prompt and restart localhost.
It worked for me. Hope it works for you also. Good luck!
I want to remote debug the nodejs program in Eclipse. I start the node script with the debug option.
$node debug script.js
But I can't connect to the node in Eclispe. When I netstat the node's TCP port. I found that node only listen 127.0.0.1 in debug mode. So I can't connect it from different computer.
But I can't find any startup options that can change to listen to any address.
Anyone know to make it listen to any address to remote debug in other computer?
if anyone else stumble upon this: you can set the node debug to any address as you set the port
node --debug=169.168.1.2:5858 app.js
if that would be the ip of your remote machine or even better to every machine
node --debug=0.0.0.0:5858 app.js
but please be aware that the 2nd option should only be used if you are debugging in your own private network as you open it up for everyone
This is what I do in linux Debian:
install balancer
sudo apt-get install balance -y
then create a route in balancer to reroute your 5858 port to 5859
balance 5859 127.0.0.1:5858
start your app
node --debug app.js
now you can access it from everywhere on port 5859
I'm looking into V8 code that goes through deps/v8/src/debug-agent.* down to deps/v8/src/platform-posix.cpp (for linux) to POSIXSocket::Bind method and it can't seem to have any option about this (unless I'm missing something).
I bet you either hack it and recompile node or you'll need to build a small proxy beside your node process.
Here's a great tut on debugging nodejs from eclipse. Note at the bottom there is a script the author uses to forward localhost:5858 to the remote server's 127.0.0.1. You could also just use an SSH tunnel.
So, to summarize:
start your script with node --debug app.js
configure eclipse as if you were debugging locally
use the node_g script or configure an SSH tunnel
go on vacation now that your code is bug-free
to debug nodejs remotely over SSH session do:
1. install balance on Linux: https://balance.inlab.net/overview/
2. run the command: balance -df 8585 127.0.0.1:5858 > /tmp/balance.out 2>&1 &
3. ssh to your remote Linux box (tunnel will be created 8585 > 5858 > nodejs)
4. run your node script on server: node --debug-brk --nolazy ./myNodeApp.js
5. kick off debug session in WebStorm alt-d to port 8585
now you are remote debugging securely over SSH session