0

Right now I am trying to run a daemon on port 8080, but because of the software I am installing with the daemon, I cannot start it unless the port 8080 is open. It's because the daemon needs to have port 8080 open to communicate to the other part of the software (the panel).

I have obviously tried allowing inbound rules on the security group assigned to my instance, and going to my VPC panel and going to NACL's and trying to add the ports, but nothing has worked. However, the ports that a have preset in the rules editor (such as default ports like HTTP) do work. I know this because I am running a webserver off of port 80 (HTTP).

I have looked across all the Stack Overflow posts I could find and most of them said the solution of adding inbound rules to the security group which I have done lol. However, I came across this post, that had the solution of adding a range of ports for when you have a custom VCP, and it worked! I did this but long story short I got another error and I just made a new instance. I got to the point where I needed the port 8080 to be open, but sadly I got the error that I needed port 8080 to be open, even when I had that solution from the linked post. Basically it stopped working. I read the docs in the linked post that the answer gave me and I couldn't really get any use out of it.

Here is a picture of my ALC inbound rules, if you read this doc about ephemeral ports you will understand more. ALC Inbound Rules Picture

I have no idea why I can't open custom TCP ports but I can open default ports like 80, 22, 3306, etc. I can't get my daemon running for it to even listen on port 8080.

Is there a solution to all this?

EDIT:

Security Group: Inbound Rules Outbound Rules

ACL: Inbound Rules Outbound Rules

vanilla
  • 69
  • 1
  • 2
  • 13
  • What about outbound ACL rules? ACL is sateless, thus you need to ensure that both inbound and outbound rules allow needed traffic. – Marcin Jul 13 '20 at 05:01
  • @Marcin Ahh I see, should I apply the same ones from the inbound, I would think so. – vanilla Jul 13 '20 at 05:16
  • Do you can try. Do you really need to modify ACL? Why not use default ACLs, which is what is usually done, and just concentrate on security groups? – Marcin Jul 13 '20 at 05:17
  • @Marcin Ok, I'll just outbound rules to the security group. I was reading a couple of posts and they were talking about ACL stuff. I read the docs more and it looks like you need the same inbound rules as outbound – vanilla Jul 13 '20 at 05:19
  • Yes. Use default ACL which allow all in and out, and concentrate on SGs. You can have default SG outbound rule (allow all), and just focus on the inbout roles to SGs. – Marcin Jul 13 '20 at 05:22
  • @Marcin Trying outbound rules didn't work, hmm – vanilla Jul 13 '20 at 05:28
  • If you modified ACLs and SGs its difficult to see what is exactly your setup now. Can you update your question with all inbound and outbound rules you have (SG+ALC). – Marcin Jul 13 '20 at 05:30
  • @Marcin I updated the post – vanilla Jul 13 '20 at 14:08
  • this issue has been giving me a headache any success? – Code Demon Dec 11 '21 at 09:41
  • @CodeDemon Just logged into my account haha, sadly after this post I did not find any success. Those firewall rules are really tricky for some reason and how they work I guess. The ACL is to be left alone, but the security groups seem to be your best target, reading the past discussion – vanilla Dec 21 '21 at 05:14
  • for my case,I found the issue to be on the actual server code ,to confirm that the aws firewall isnt blocking my communication,try hosting a different server on the same port,if it works the you know its definitely not aws blocking or the internal firewall,if the address isnt accessible ,then its the aws firewall or the server code or the internal firewall .if the address is accessible on localhost, then the internal firewal is ok that leaves the culprits being the server code(binding issue ) or aws firewall. – Code Demon Dec 21 '21 at 14:47
  • if it runs on localhost but not on the private ip, issue is definitely the server code binding – Code Demon Dec 21 '21 at 14:49
  • @CodeDemon Thanks! That is very good too know, and hopefully anyone from there search engines can read this. I will look back on this later if I need too. – vanilla Dec 30 '21 at 01:02

0 Answers0