69

I have installed and web application which is running on port 8080 on RHEL (centOS). I only have command line access to that machine. I have tried to access that application from my windows machine from which I am connected to server via command-line, but it is giving connection time out error.

Then I have tried to open port 8080. I have added following entry into the iptables.

-A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT

After adding this into the iptables I have restarted it with - /etc/init.d/iptables restart

But still I am not able to access that application from my windows machine.

Am I doing any mistake or missing something?

Niraj Chapla
  • 2,149
  • 1
  • 21
  • 34
  • Have you disabled selinux? which version of centos are you running? – jabaldonedo Sep 26 '13 at 17:21
  • 1
    is there any other firewall between? you sure you're app is listening? Make sure you see something when you do `netstat -an | grep 8080` – Joe T Sep 26 '13 at 17:21
  • I have the same issue on CentOS v7 Netstat shows nothing for 8080 so do the iptables line then check again still nothing being trying to do this for weeks does anyone now how to actually add 8080 so it is accessable from outside – AndrewT Sep 05 '17 at 08:40

2 Answers2

99

The following configs works on Cent OS 6 or earlier

As stated above first have to disable selinux.

Step 1 nano /etc/sysconfig/selinux

Make sure the file has this configurations

SELINUX=disabled

SELINUXTYPE=targeted

Then restart the system

Step 2

iptables -A INPUT -m state --state NEW -p tcp --dport 8080 -j ACCEPT

Step 3

sudo service iptables save

For Cent OS 7

step 1

firewall-cmd --zone=public --permanent --add-port=8080/tcp

Step 2

firewall-cmd --reload
Nirojan Selvanathan
  • 10,066
  • 5
  • 61
  • 82
49

First, you should disable selinux, edit file /etc/sysconfig/selinux so it looks like this:

SELINUX=disabled
SELINUXTYPE=targeted

Save file and restart system.

Then you can add the new rule to iptables:

iptables -A INPUT -m state --state NEW -p tcp --dport 8080 -j ACCEPT

and restart iptables with /etc/init.d/iptables restart

If it doesn't work you should check other network settings.

Shervin
  • 1,936
  • 17
  • 27
jabaldonedo
  • 25,822
  • 8
  • 77
  • 77
  • 1
    selinux is disable and selinuxtype is set to targeted and append rule to the iptables. Restarted the iptables as well but still not working. Need to check other network configuration – Niraj Chapla Sep 26 '13 at 18:16
  • @jabaldonedo I get a 9001 socket exception at exactly 2 hours of a mongodb load from a centos server. Could this be a solution to that? If so, in your opinion, do i have to do this on both the remote host and the requesting host or just the remote host? Thanks! – kmehta Oct 08 '13 at 15:15
  • Maybe your problem is not related with CentOS, are you sure that your application is correctly configured? that error is a connection issue from MongoDB. I don't know what application are you trying to run, but I suggest you to check again its configuration and/or if you can, ask for some support help. – jabaldonedo Oct 08 '13 at 15:23
  • Yeah it's a mongodb client method "db.cloneCollection". I haven't found any sort of timeout configuration either on the mongo client or the mongod server process. – kmehta Oct 08 '13 at 16:37
  • Restarting iptables flused my new rule – blackbird Jan 07 '16 at 18:17
  • Try this for restart iptables-save – Sireesh Yarlagadda Feb 08 '18 at 21:01