How can I open port in iptables for SVN? - centos

How can I open port in iptables for SVN?
port 447, os: centos. Apache.

iptables -A INPUT -p tcp -m tcp --dport 447 -j ACCEPT
But generally speaking, you shouldn't use ports below 1024 for arbitrary things.
Apache usually runs on HTTP (port 80) and HTTPS (port 443) and handles SVN with module dav_svn
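An added example (not part of the original answer), assuming the INPUT chain is the stock CentOS 6 one that ends in a catch-all REJECT: iptables applies the first matching rule, so a rule appended with -A after that REJECT is never reached, while `iptables -I INPUT 5 ...` places it in front. The function first_verdict and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# first_verdict PORT [IFACE]: read `iptables -S INPUT` output on stdin and print
# the first terminal target a NEW inbound TCP connection to PORT would reach.
# Simplified: only -p, -i, --dport, --state/--ctstate are evaluated, no negation.
first_verdict() {
    awk -v port="$1" -v ifc="${2:-eth0}" '
    $1 == "-P" && $2 == "INPUT" { policy = $3; next }
    $1 != "-A" || $2 != "INPUT" { next }
    {
        n++; ok = 1; target = ""
        for (i = 3; i <= NF; i++) {
            if ($i == "-p" && $(i+1) != "tcp" && $(i+1) != "all") ok = 0
            if ($i == "-i" && $(i+1) != ifc) ok = 0
            if ($i == "--dport") {
                split($(i+1), r, ":"); lo = r[1] + 0
                hi = (r[2] == "" ? lo : r[2] + 0)
                if (port + 0 < lo || port + 0 > hi) ok = 0
            }
            if (($i == "--state" || $i == "--ctstate") &&
                $(i+1) !~ /(^|,)NEW(,|$)/) ok = 0
            if ($i == "-j") target = $(i+1)
        }
        if (ok && target ~ /^(ACCEPT|DROP|REJECT)$/) {
            print target " rule " n; found = 1; exit
        }
    }
    END { if (!found) print policy " policy" }'
}

# Constructed sample modelled on the stock CentOS 6 INPUT chain (an assumption).
stock_rules() {
    cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
EOF
}
catch_all='-A INPUT -j REJECT --reject-with icmp-host-prohibited'
svn_rule='-A INPUT -p tcp -m tcp --dport 447 -j ACCEPT'

# After `iptables -A INPUT ...`: the new rule sits behind the catch-all REJECT.
appended() { stock_rules; echo "$catch_all"; echo "$svn_rule"; }
# After `iptables -I INPUT 5 ...`: the new rule sits in front of it.
inserted() { stock_rules; echo "$svn_rule"; echo "$catch_all"; }

echo "appended: $(appended | first_verdict 447)"
echo "inserted: $(inserted | first_verdict 447)"
```

On a live host, feed it the real chain with `iptables -S INPUT | first_verdict 447` before and after the change.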

Related

webrtc turn server not working (ice trickle not working in mozilla firefox)

I have installed a TURN server on my GoDaddy server. To see whether my TURN server is working or not, I have used https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/.
ICE Trickle in chrome output:
Chrome Output
ICE Trickle in mozilla output (version-58.0.2(64bit)):
Mozilla output
Issues I am facing:
1. WebRTC works only for Chrome to Chrome (WebRTC doesn't work for Mozilla to Mozilla).
2. Mozilla shows "ICE failed add STUN error".
3. Why is there different ICE trickle output for the two browsers?
It seems to me that the TURN server is not working!!
Can anybody help me with this issue? I don't know what I am doing wrong. I don't know if it's a NAT problem or a GoDaddy server problem or anything else. Are GoDaddy servers behind NAT?
Configurations I have done:
Firewall changes:
iptables -A INPUT -p tcp --dport 3478 -j ACCEPT
iptables -A INPUT -p udp --dport 3478 -j ACCEPT
iptables -A INPUT -p tcp --dport 5349 -j ACCEPT
iptables -A INPUT -p udp --dport 5349 -j ACCEPT
iptables -A INPUT -p udp --dport 49152:65535 -j ACCEPT
service iptables save
Turnserver configuration:
listening-port=3478
listening-ip=1.2.3.4(example)
external-ip=same as listening ip i.e 1.2.3.4(example)
verbose
fingerprint
realm = mydomain.com
I am running the TURN server using this command:
turnserver -L listening-ip -o -a -f -r mydomain.com

How to change the Rundeck web interface port from 4440 to 80

I'm trying to use Rundeck on Ubuntu 14.04.
How do I change the web interface port from 4440 (default) to 80?
The port number seems to be referred to in various config locations (including /etc/rundeck/profile and /etc/rundeck/framework.properties) but changing these had no effect for me and I can't find a specific section in the documentation on changing the web port.
Use a proxy pass with either Apache or Nginx. It's a solution.
You need to modify these files from 4440 to 80:
framework.properties
profile
rundeck-config.properties
But you will get the following java exception when trying to run in 80.
java.net.SocketException: Permission denied
Hence an Apache or Nginx proxy pass is the working solution.
You can use two iptables rules:
iptables -t nat -I PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 4440
iptables -I INPUT -p tcp --dport 4440 -j ACCEPT

IPtables on CentOS 6

Please help me out a little bit. I've inherited a firewall made of CentOS 6 and I'm a bit afraid to modify the iptables at all, but I have to do it for a task.
The task is to make one client in the office accessible from the internet but only on one port. Internet comes in on the interface ppp0, clients are being served on eth1. And I have to forward port 80 to 3000. And our public IP to the client's IP. :D Sounds secure and easy, right?
I've come up with a solution, but I'm afraid to give it a go until I'm sure. Please make me sure of it. :D
iptables -t nat -A PREROUTING -i ppp0 -p tcp --dport 80 -j DNAT --to-destination 10.1.2.3:3000
iptables -A PREROUTING -t nat -i ppp0 -p tcp --dport 3000 -j DNAT --to-destination 10.1.2.3:3000
Do not apply this to the 80th port because then all the clients will be unable to browse the internet, because they are also using the 80th port. :D

How to configure buildbot slave to run from behind a firewall?

Is it possible to run a buildbot-slave from inside a corporate firewall where you are allowed to create only outgoing connection on standard HTTP(s) ports?
How can I achieve that?
In this case you should run your master to use exactly these ports, i.e. running web interface on HTTP(80) port while using HTTPS(443) port for slaves' connections. However this would require master to run with root privileges which is bad. In this case you could redirect traffic from these ports to the actual used in master with iptables. With default master ports for web interface(8010) and slave connections(9989) you'll get something like:
# iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 9989
The same goes for the web interface in case you're not using any proxy HTTP server (like nginx, haproxy, lighttpd, etc).

Can't connect to MongoD / bizarre

I installed mongoDB through the official tutorial http://www.mongodb.org/display/DOCS/Building+for+Linux
The daemon starts up, and netstat -na | grep 27017 shows:
tcp 0 0 0.0.0.0:27017 0.0.0.0:* LISTEN
unix 2 [ACC] STREAM LISTENING 100949 /tmp/mongodb-27017.sock
I added these iptables rules:
-A INPUT -p tcp -m tcp --dport 27017 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 28017 -j ACCEPT
When loading through the browser, I can reach the web management interface on 28017.
If I add a remote connection on MongoHQ, I can use the database.
However, if I run the client locally, an error is raised:
Error: could not connect to server 127.0.0.1 shell/mongo.js:79 except: connect failed
Same if I try to use the database on an existing project, can't connect to it.
I turn around, I do not understand, thank you in advance for your help.
Solution if you have this problem:
iptables -t filter -A OUTPUT -o lo -s 127.0.0.0/8 -d 127.0.0.0/8 -j ACCEPT
iptables -t filter -A INPUT -i lo -s 127.0.0.0/8 -d 127.0.0.0/8 -j ACCEPT
And it's ok ^^
Does the firewall need to be explicitly opened on port 27017 to allow outbound TCP connections?
iptables -A OUTPUT -p tcp --dport 27017 -j ACCEPT