I'm facing an issue with the firewall configuration on a CentOS 7 VM instance on GCP. The cPanel (2082, 2083) and WHM (2086, 2087) ports are open, but Firefox is still not launching WHM. See the command below.
[root@centos-7-1 ~]# netstat -ntlup | grep cp
tcp 0 0 0.0.0.0:2087 0.0.0.0:* LISTEN 3468/cpsrvd (SSL) -
tcp 0 0 0.0.0.0:587 0.0.0.0:* LISTEN 5361/exim
tcp 0 0 127.0.0.1:783 0.0.0.0:* LISTEN 3455/perl
tcp 0 0 0.0.0.0:2095 0.0.0.0:* LISTEN 3468/cpsrvd (SSL) -
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/systemd
tcp 0 0 0.0.0.0:2096 0.0.0.0:* LISTEN 3468/cpsrvd (SSL) -
tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 5361/exim
tcp 0 0 10.160.0.2:53 0.0.0.0:* LISTEN 3523/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 3523/named
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 3614/sshd
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 5361/exim
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 3523/named
tcp 0 0 0.0.0.0:2077 0.0.0.0:* LISTEN 5567/cpdavd - accep
tcp 0 0 0.0.0.0:2078 0.0.0.0:* LISTEN 5567/cpdavd - accep
tcp 0 0 0.0.0.0:2079 0.0.0.0:* LISTEN 5567/cpdavd - accep
tcp 0 0 0.0.0.0:2080 0.0.0.0:* LISTEN 5567/cpdavd - accep
tcp 0 0 0.0.0.0:2082 0.0.0.0:* LISTEN 3468/cpsrvd (SSL) -
tcp 0 0 127.0.0.1:579 0.0.0.0:* LISTEN 3634/cPhulkd - proc
tcp 0 0 0.0.0.0:2083 0.0.0.0:* LISTEN 3468/cpsrvd (SSL) -
tcp 0 0 0.0.0.0:2086 0.0.0.0:* LISTEN 3468/cpsrvd (SSL) -
The cPanel tech team has replied to the above saying:
Hello,
Thank you for your reply back!
Attempting to connect to the server over port 2087 from the outside it seems that there is some sort of firewall rule in place that is filtering out the requests to that port:
======
[root@test ~]# nmap 35.200.142.242 -p 2087
Starting Nmap 6.40 ( http://nmap.org ) at 2019-01-23 04:37 CST
Nmap scan report for 242.142.200.35.bc.googleusercontent.com (35.200.142.242)
Host is up (0.26s latency).
PORT STATE SERVICE
2087/tcp filtered eli
Nmap done: 1 IP address (1 host up) scanned in 9.54 seconds
However, I was able to confirm that the port 2087 is open for outgoing at this moment in time:
======
[10:41:08 centos-7-1 root@11256229 ~]cPs# telnet portquiz.net 2087
Trying 5.196.70.86...
Connected to portquiz.net.
Escape character is '^]'.
I would recommend to review over the port configuration again or reach out to a system administrator that may be able to assist further with the firewall setup and configuration through Google Cloud.
Please keep in mind this problem does not appear to be related to or caused by cPanel or by the basic configuration of the cPanel-bundled software. We're happy to help as much as possible but our technical analysts aren't replacements for a qualified systems administrator. We've provided the data and information that will help you carry on to the next step.
I certainly understand that not everyone has a Systems Administrator.
For a list of System Administration Services, feel free to reference our public services list available here: http://go.cpanel.net/sysadmin
Please note, however, that cPanel cannot be held liable for any services performed by third-party providers.
First check that you have created the required firewall rules in Google Cloud Platform; refer to this documentation on how to do it. Also verify the firewall rules inside your instance using:
iptables -L
firewall-cmd --get-active-zones
firewall-cmd --info-zone={activezone}
I also ran an nmap -Pn 35.200.142.242 and got the following output:
So port 2087 isn't open; I couldn't telnet either.
Finally, when trying to debug network issues I suggest you use one of these tools:
iftop, iptraf-ng and tcpdump.
Edit: If you have SELinux in enforcing mode, be sure that the cPanel files are in the correct context.
Related
I have a program that occasionally fails to start because an IP/port that it wants to connect to is already in use. How can I programmatically check which process is using the port? I can manually run lsof after I notice the failure, but whatever process is using the port must be using it for a very short time, because by the time I run lsof, it says nothing is using the port. Thus, I'd like to programmatically find which process is using the port, immediately after the failure to connect, within the program that failed. How can I do this? It must be possible, because lsof does it.
You can check the process using netstat. It will give the PID of the process.
To check port 8080, you can do
nabil@LAPTOP:~$ netstat -natup | grep 8080
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 63610/test-py
Here is an example
nabil@LAPTOP:~$ netstat -natupe
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
tcp 0 0 127.0.0.1:5010 0.0.0.0:* LISTEN 1000 261855 66050/confd.smp
tcp 0 0 127.0.0.53:53 0.0.0.0:*
tcp6 0 0 127.0.0.1:50736 127.0.0.1:4569 ESTABLISHED 1000 697733 63666/java
tcp6 0 0 127.0.0.1:41145 127.0.0.1:49159 TIME_WAIT 0 0 -
tcp6 0 0 127.0.0.1:41145 127.0.0.1:44619 TIME_WAIT 0 0 -
udp 0 0 127.0.0.53:53 0.0.0.0:* 101 23138 -
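The answer above shows the manual netstat check; the question asked how to do the same from inside the failing program. As an added example that is not from any of the original posts, this Python 3 code reads /proc/net/tcp (the file netstat and lsof themselves read) and maps the listening socket's inode to a PID through the /proc/<pid>/fd links, which is what lsof does. The sample /proc/net/tcp text is constructed; who_has_port needs a Linux host and, for other users' processes, root.

```python
import os
# Constructed sample in /proc/net/tcp format (not captured from any host on this page): local_address
# is hex IP:port with a little-endian IPv4 address, st 0A is LISTEN, the tenth column is the socket inode.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:1388 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 261855 1 0000000000000000 100 0 0 10 0
   1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 18765 1 0000000000000000 100 0 0 10 0
   2: 0100007F:D7DA 0100007F:1388 06 00000000:00000000 03:000003A7 00000000     0        0 0 3 0000000000000000
"""
LISTEN = "0A"

def parse_proc_net_tcp(text):
    """Return (local_ip, local_port, state, inode) for every socket row of a /proc/net/tcp dump."""
    rows = []
    for line in text.splitlines()[1:]:          # first line is the column header
        fields = line.split()
        if len(fields) < 10:
            continue
        ip_hex, port_hex = fields[1].split(":")
        # the kernel stores the address little-endian, so read the hex byte pairs from the end
        ip = ".".join(str(int(ip_hex[i:i + 2], 16)) for i in (6, 4, 2, 0))
        rows.append((ip, int(port_hex, 16), fields[3], int(fields[9])))
    return rows

def listening_inode(text, port):
    """Socket inode of the LISTEN socket bound to `port`, or None if nothing listens there."""
    for _ip, p, state, inode in parse_proc_net_tcp(text):
        if p == port and state == LISTEN:
            return inode
    return None

def pid_for_inode(inode, proc="/proc"):
    """Walk /proc/<pid>/fd like lsof; other users' fd tables need root (hence netstat's '-')."""
    target = "socket:[%d]" % inode
    for pid in filter(str.isdigit, os.listdir(proc)):
        fd_dir = os.path.join(proc, pid, "fd")
        try:
            for fd in os.listdir(fd_dir):
                if os.readlink(os.path.join(fd_dir, fd)) == target:
                    return int(pid)
        except OSError:
            continue                            # process exited or fd table not readable
    return None

def who_has_port(port, proc="/proc"):
    """Programmatic equivalent of `netstat -ntlp | grep :<port>`, read straight from /proc."""
    with open(os.path.join(proc, "net", "tcp")) as f:
        inode = listening_inode(f.read(), port)
    return pid_for_inode(inode, proc) if inode else None
```

Call who_has_port(port) immediately after the connect failure; because it reads /proc directly there is no delay from spawning lsof, and a short-lived owner is more likely to still be present.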
I am not able to reach any domain via curl from the AWS instance. I have checked all the configuration and everything seems OK to me. Attaching the output of a few commands.
iptables
root@ip-172-31-26-121:~# iptables -nvL
Chain INPUT (policy ACCEPT 4177 packets, 404K bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 3751 packets, 930K bytes)
pkts bytes target prot opt in out source destination
root@ip-172-31-26-121:~#
UFW not installed
netstat
root@ip-172-31-26-121:~# !netstat
netstat -ntup -l
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 870/nginx: master p
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 884/mysqld
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 870/nginx: master p
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 641/systemd-resolve
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 844/sshd
tcp6 0 0 :::80 :::* LISTEN 870/nginx: master p
tcp6 0 0 :::22 :::* LISTEN 844/sshd
udp 0 0 127.0.0.53:53 0.0.0.0:* 641/systemd-resolve
udp 0 0 172.31.26.121:68 0.0.0.0:* 618/systemd-network
curl
root@ip-172-31-26-121:~# curl -v facebook.com
* Rebuilt URL to: facebook.com/
* Trying 185.60.216.35...
* TCP_NODELAY set
^C
root@ip-172-31-26-121:~#
One more thing I noticed is that everything works for 30-40 seconds after an instance reboot, then it stops working again.
Can anyone please suggest what else I can check?
I recently launched an ECS instance with CentOS 7.3.
I followed a guideline to install Apache and configure ports (80 and 443).
I try to visit http://my_ip but it's not responding; it says I should check proxy and firewall.
Below is the iptables, I could not figure out what's wrong
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 25141/httpd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1878/sshd
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 25141/httpd
tcp6 0 0 :::3306 :::* LISTEN 30048/mysqld
1. Stop the firewall (systemctl stop firewalld.service) and set SELinux to disabled (vim /etc/sysconfig/selinux).
2. Check your Apache configuration file and make sure your configuration allows your client to access.
3. Check your Apache access.log and error.log.
You can try these methods, and you had better paste a screenshot of the error page.
I have an EC2 Ubuntu server with the Haas online trading server installed, which requires me to connect through port 8090 or 8092.
The XML file is configured as follows:
<HostingAdres>xx.xxx.56.78</HostingAdres>
<ExternalAdres />
<HostingPort>8090</HostingPort>
<HubPort>8092</HubPort>
I have opened these ports with Custom TCP in the Security Groups but when I see which ports are listening with:
netstat -tulpn
I get:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp6 0 0 :::9300 :::* LISTEN -
tcp6 0 0 :::22 :::* LISTEN -
tcp6 0 0 :::9200 :::* LISTEN -
udp 0 0 127.0.0.53:53 0.0.0.0:* -
udp 0 0 172.31.95.106:68 0.0.0.0:* -
and I have tried:
sudo ufw allow 8090
ps -A|grep mono
produces:
1922 pts/0 00:00:03 mono
so a mono process appears to be running. The Haas online server is the only mono program.
But the port remains stubbornly unavailable.
How can I open 8090 and 8092 to accept traffic?
Thank you!
The security group and netstat are not related. Think of the security group as your network firewall. Changes to your security group do not affect what port your server is listening on; it changes what ports your network will allow incoming traffic on. For your server to be listening on ports 8090 and 8092, some sort of service/application needs to be running and bound to those ports. It looks like you have configured the Haas service to listen on those ports, but you haven't started the Haas service. Or perhaps you need to restart the service to get it to pick up the modified port configuration.
I've set up a simple Flask server on my Compute Engine instance, which runs internally on 127.0.0.1:5000.
If I ssh onto that instance and curl 127.0.0.1:5000 I see the hello world message, and the Flask instance shows a GET in its logs.
However, if I use the external IP address through a browser it says the site doesn't exist.
I've tried to set up multiple different firewalls, pointing to either 0.0.0.0/0 or 127.0.0.1/0 and including both tcp:5000 and udp, or just tcp, or just saying allow all ports.
Nothing works.
I did try running netstat -plant and it said that port 5000 was attached to python3 (which is my Flask instance) but that the port was closed.
UPDATE:
Got it working, but will just add some more logging/output in case anyone else comes to this issue also.
me@instance-1:~$ nmap 1.2.3.4
Starting Nmap 7.40 ( https://nmap.org ) at 2018-08-19 15:30 UTC
Nmap scan report for 4.3.2.1.bc.googleusercontent.com (1.2.3.4)
Host is up (0.0016s latency).
Not shown: 995 filtered ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp closed http
443/tcp closed https
3389/tcp closed ms-wbt-server
5000/tcp closed upnp
me@instance-1:~$ netstat -plant
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:5000 0.0.0.0:* LISTEN 29414/python3
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 1 10.142.0.2:22 118.24.87.43:51760 LAST_ACK -
tcp 0 0 10.142.0.2:41788 169.254.169.254:80 CLOSE_WAIT -
tcp 0 0 10.142.0.2:41796 169.254.169.254:80 ESTABLISHED -
tcp 0 0 127.0.0.1:55258 127.0.0.1:5000 TIME_WAIT -
tcp 0 0 10.142.0.2:41794 169.254.169.254:80 ESTABLISHED -
tcp 0 0 10.142.0.2:22 74.125.73.96:47952 ESTABLISHED -
tcp 0 816 10.142.0.2:22 74.125.73.36:51834 ESTABLISHED -
tcp 0 0 10.142.0.2:41792 169.254.169.254:80 ESTABLISHED -
tcp6 0 0 :::22 :::* LISTEN -
Then I restarted flask using
flask run --host=0.0.0.0 --port=5000
and now...
me@instance-1:~$ netstat -plant
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:5000 0.0.0.0:* LISTEN 31365/python3
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 10.142.0.2:45802 169.254.169.254:80 ESTABLISHED -
tcp 0 0 127.0.0.1:55258 127.0.0.1:5000 TIME_WAIT -
tcp 0 0 10.142.0.2:41794 169.254.169.254:80 CLOSE_WAIT -
tcp 0 0 10.142.0.2:45804 169.254.169.254:80 ESTABLISHED -
tcp 0 0 10.142.0.2:22 74.125.73.96:47952 ESTABLISHED -
tcp 0 0 10.142.0.2:45800 169.254.169.254:80 ESTABLISHED -
tcp 0 816 10.142.0.2:22 74.125.73.36:51834 ESTABLISHED -
tcp6 0 0 :::22 :::* LISTEN -
me@instance-1:~$ nmap 1.3.3.4
Starting Nmap 7.40 ( https://nmap.org ) at 2018-08-19 19:24 UTC
Nmap scan report for 4.3.2.1.bc.googleusercontent.com (1.2.3.4)
Host is up (0.0012s latency).
Not shown: 995 filtered ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp closed http
443/tcp closed https
3389/tcp closed ms-wbt-server
5000/tcp open upnp
Nmap done: 1 IP address (1 host up) scanned in 4.75 seconds
I assume that you are using the default run method; in that, provide the host address as 0.0.0.0 and it will do the trick.
from flask import Flask

app = Flask(__name__)

@app.route('/')
def index():
    return 'Hi'

if __name__ == '__main__':
    # host='0.0.0.0' binds to every interface instead of only loopback (127.0.0.1)
    app.run(host='0.0.0.0', port=5000)
This will allow you to access your website from outside localhost, by IP address.
If you are using the flask run method then run it as
flask run --host=0.0.0.0 --port=5000
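The two netstat listings in the update above differ only in the local address column (127.0.0.1:5000 before, 0.0.0.0:5000 after), and that same column separates the other cases on this page: cPanel on 0.0.0.0:2087 was bound but filtered by the cloud firewall, while the Haas ports were not bound at all, so no security group rule could help. As an added example that is not from any of the original posts, this Python 3 snippet parses netstat -tulpn style output and reports whether a port is unbound, loopback-only, or bound on all interfaces; the sample listing is constructed from the formats quoted in the thread.

```python
# Constructed netstat -tulpn style sample, modelled on the listings quoted in this thread
SAMPLE_NETSTAT = """\
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:2087            0.0.0.0:*               LISTEN      3468/cpsrvd (SSL)
tcp        0      0 127.0.0.1:5000          0.0.0.0:*               LISTEN      29414/python3
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      -
tcp6       0      0 :::80                   :::*                    LISTEN      870/nginx: master p
udp        0      0 127.0.0.53:53           0.0.0.0:*                           641/systemd-resolve
"""

def is_loopback(addr):
    """True for addresses that only the host itself can reach."""
    return addr.startswith("127.") or addr == "::1"

def parse_listeners(text):
    """Return dicts {proto, addr, port, pid, program} for the listening rows of netstat output."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        if not fields or not fields[0].startswith(("tcp", "udp")):
            continue                                   # header / banner lines
        addr, _, port = fields[3].rpartition(":")      # works for 0.0.0.0:22 and for :::80
        # udp rows have no State column, so the PID/Program field sits one position earlier
        owner = fields[6] if fields[0].startswith("tcp") else fields[5]
        pid, _, program = owner.partition("/")         # '-' means not visible without root
        listeners.append({"proto": fields[0], "addr": addr, "port": int(port),
                          "pid": int(pid) if pid.isdigit() else None, "program": program})
    return listeners

def classify_port(text, port):
    """What the host itself does with `port`, independent of any cloud firewall in front of it."""
    addrs = {l["addr"] for l in parse_listeners(text) if l["port"] == port}
    if not addrs:
        return "not-listening"     # nothing bound: start the service, firewall rules cannot help
    if all(is_loopback(a) for a in addrs):
        return "loopback-only"     # curl on the box works, nothing outside can ever reach it
    return "all-interfaces"        # bound everywhere: a 'filtered' nmap result points at the firewall
```

Run it against the output of `netstat -tulpn` on the instance; only the "all-interfaces" case is worth debugging at the GCP/AWS firewall layer, and for a service that should stay private, "loopback-only" is the result you want to see.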