0

I thought that it's iptables problem.. but it seems not. I really have no idea about this situation.

I'm getting a server hosting(CentOS). I installed Nginx + Django and nginx uses 8080 port. A domain is connected to the server.

When I executed "wget [domain]:8080/[app name]/" in the server, it worked. Of course, "wget 127.0.0.1:8080/[app name]/" has no problem. (wget [server ip]:8080/[app name]/, either)

However, from other computers, connecting failed. (message says, no route)

I checked my firewall setting. I executed these commands.

```
iptables -I INPUT -p tcp --dport 8080 -j ACCEPT
iptables -I OUTPUT -p tcp --sport 8080 -j ACCEPT
iptables -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
/etc/init.d/iptables restart
```

I don't really understand all options of commands and I think there were useless commands, but I just tried all googled iptables settings.

But still I cannot connect to my server. What should I check, first?

I don't know if this is important, but I'll add it to this post. On port 80, an Apache server is running. It works fine, I can connect to Apache from other computers. There is a DB connection issue (PHP to MySQL), but I think that it is just a PHP coding bug.

Please excuse my low-level English. I'm not a native English speaker, but I tried to explain as well as possible. Thank you for reading this question.

margincall

2 Answers

1

If you have executed the sequence of command you wrote, I think no rule has been applied because you have restarted iptables without saving the new settings.

Try to add the following rule in the iptables file /etc/sysconfig/iptables (check there are no other rules on port 8080):

```
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
```

or with the following commands:

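```
iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
# iptables-save on its own only prints the rules to stdout; write them to the
# file that the init script reloads on restart
iptables-save > /etc/sysconfig/iptables
```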

Restart iptables:

```
/etc/init.d/iptables restart
```

Now you should see the rule running this command:

```
[root@centos01 sysconfig]# iptables -L -n | grep 8080
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:8080
```

Try to connect from remote hosts

Guido Vaccarella
  • I followed your guide, and the result of `iptables -L -n | grep 8080` is `ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:8080` that is just like you wrote. But still the same problem. For following your guide, I deleted one line from iptables file. I think that the setting was already saved. – margincall Nov 07 '13 at 01:54
0

shut down your fw, flush all rules and retry your remote connections

  • if you can connect -> adjust your firewall
  • if you can't connect -> adjust your routing

you can check with `tcpdump port 8080` on your server whether packets are arriving.

  • Why didn't I try to turn off the firewall? I stopped thinking about the fw and just considered other things. Yes, it worked when I turned it off. I think there was a mistake in the iptables setting. – margincall Nov 07 '13 at 08:53
  • I refreshed all settings, and everything is all right. I really appreciate it. I cannot understand why I didn't try that. I lost my mind.. – margincall Nov 07 '13 at 08:56
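
A rule can show up in `iptables -L -n` and still never match, because iptables evaluates rules in order and `-A` appends to the end of a chain. The following is an added example, not code from the thread: it checks whether an ACCEPT rule for a port sits behind a catch-all REJECT/DROP, which with `icmp-host-prohibited` is what clients report as "no route to host". It assumes a stock-style CentOS layout where INPUT jumps to RH-Firewall-1-INPUT; the sample ruleset is constructed and `check_port_rule` is a hypothetical helper name.

```bash
# Constructed ruleset in iptables-save format (an assumption, not the asker's
# real rules): INPUT jumps to RH-Firewall-1-INPUT, which ends in a catch-all REJECT.
SAMPLE_RULES='*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
COMMIT'

# check_port_rule PORT (hypothetical helper): reads iptables-save text on stdin
# and reports whether each ACCEPT rule for PORT can still be reached.
check_port_rule() {
    awk -v port="$1" '
    $1 == "-A" {
        n++; chain[n] = $2; rule[n] = $0
        # Target of a rule with no match options; such a rule catches every packet.
        uncond[n] = ($3 == "-j") ? $4 : ""
        if (uncond[n] == "REJECT" || uncond[n] == "DROP") dead[$2] = 1
    }
    END {
        for (i = 1; i <= n; i++) {
            c = chain[i]; pos[c]++; t = uncond[i]
            # Nothing after a catch-all REJECT/DROP, or after an unconditional
            # jump into a chain that contains one, is ever evaluated.
            if (!(c in cut) && (t == "REJECT" || t == "DROP" || (t in dead)))
                cut[c] = pos[c]
            if (rule[i] ~ ("--dport " port "( |$)") && rule[i] ~ /-j ACCEPT/) {
                found = 1
                if (c in cut)
                    printf "SHADOWED %s rule %d (cut off at rule %d)\n", c, pos[c], cut[c]
                else
                    printf "OK %s rule %d\n", c, pos[c]
            }
        }
        if (!found) print "MISSING no ACCEPT rule for port " port
    }'
}

printf '%s\n' "$SAMPLE_RULES" | check_port_rule 8080
```

On a live host, feed it the real ruleset with `iptables-save | check_port_rule 8080`. A rule inserted at the top of the chain with `-I` is evaluated before the catch-all, which an appended `-A` rule is not.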