
Blocked out Port 8080 and Port 3306

Posted: 2015/12/29 03:23:41
by sonam
I am fairly new to CentOS. I am trying to configure Tomcat 7 and MySQL on my CentOS 6.7 device, but I am unable to access the same from an outside network/other ISP. My iptables are configured to allow both port 8080 and port 3306, but I am unable to access it. I tried checking using yougetsignal.com.
I can, however, access through ssh and view my website (port 22 and port 80).


My iptables have the following configuration:

# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:FORWARD ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i em2 -j ACCEPT
-A INPUT -p tcp -m state -m tcp --dport 22 --state NEW -j ACCEPT
-A INPUT -p tcp -m state -m tcp --dport 80 --state NEW -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT -m comment --comment "Tomcat Server Port"
-A INPUT -p tcp -m state -m tcp --dport 3306 --state NEW -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -p icmp -j ACCEPT
-A FORWARD -i lo -j ACCEPT
-A FORWARD -i em2 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT


netstat -nlp

Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name   
tcp        0      0 x.x.x.x:3306           0.0.0.0:*                   LISTEN      2392/mysqld         
tcp        0      0 0.0.0.0:50378               0.0.0.0:*                   LISTEN      1918/rpc.statd      
tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN      1755/rpcbind        
tcp        0      0 0.0.0.0:10000               0.0.0.0:*                   LISTEN      6466/perl           
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      6898/sshd           
tcp        0      0 127.0.0.1:631               0.0.0.0:*                   LISTEN      1988/cupsd          
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN      2508/master         
tcp        0      0 :::36740                    :::*                        LISTEN      1918/rpc.statd      
tcp        0      0 ::ffff:127.0.0.1:8005       :::*                        LISTEN      12005/java          
tcp        0      0 :::8009                     :::*                        LISTEN      12005/java          
tcp        0      0 :::5900                     :::*                        LISTEN      13491/vino-server   
tcp        0      0 :::111                      :::*                        LISTEN      1755/rpcbind        
tcp        0      0 :::8080                     :::*                        LISTEN      12005/java          
tcp        0      0 :::80                       :::*                        LISTEN      2548/httpd          
tcp        0      0 :::22                       :::*                        LISTEN      6898/sshd           
tcp        0      0 ::1:631                     :::*                        LISTEN      1988/cupsd          
tcp        0      0 ::1:25                      :::*                        LISTEN      2508/master  
Please help me.

Re: Blocked out Port 8080 and Port 3306

Posted: 2015/12/29 07:59:52
by Whoever
DNS problem? What happens when you try to access it from outside by IP address, not site name?

Exactly what do you get? Blank page, timeout? etc.?

Re: Blocked out Port 8080 and Port 3306

Posted: 2016/03/17 04:55:19
by dmunk
Looks like tomcat is sitting on ipv6, man. That being said, iptables is ipv4 and ip6tables is ipv6. Just look at the logic. Take a look at your tomcat server config and set your listener(s) to be ipv4 and bounce it. I bet that clears up your problem.

Re: Blocked out Port 8080 and Port 3306

Posted: 2016/03/17 04:57:26
by dmunk
Try this and you will see what I am talking about.

lsof -i | grep LI


EDIT:

Change the following in /etc/tomcat/server.xml:

<Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" URIEncoding="UTF-8" address="::1"/>
TO

<Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" URIEncoding="UTF-8" address="127.0.0.1"/>
Location of server.xml may be in another spot for you; it depends on whether you pulled tomcat in as a tarball or used the repo. Think the repo default will be at /etc/tomcat/server.xml.
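
Added example, not part of the thread and not any poster's code: a small check that reads the kind of `netstat -nlp` output and iptables rules posted above and reports, per listening port, how widely the socket is bound and whether an explicit `--dport` ACCEPT rule exists for it. The sample lines are a subset copied from the first post; the function names are made up for this example.

```python
import re

# Subset of the lines from the first post; x.x.x.x is the poster's redaction.
IPTABLES = """\
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT -m comment --comment "Tomcat Server Port"
-A INPUT -p tcp -m state -m tcp --dport 3306 --state NEW -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
"""
NETSTAT = """\
tcp 0 0 x.x.x.x:3306 0.0.0.0:* LISTEN 2392/mysqld
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 6466/perl
tcp 0 0 ::ffff:127.0.0.1:8005 :::* LISTEN 12005/java
tcp 0 0 :::8080 :::* LISTEN 12005/java
tcp 0 0 :::5900 :::* LISTEN 13491/vino-server
"""

def allowed_ports(rules):
    """TCP ports with an explicit INPUT ... --dport N ... -j ACCEPT rule."""
    ports = set()
    for line in rules.splitlines():
        m = re.search(r"--dport (\d+)", line)
        if line.startswith("-A INPUT") and m and "-j ACCEPT" in line:
            ports.add(int(m.group(1)))
    return ports

def bind_scope(addr):
    """Classify the address part of netstat's 'Local Address' column."""
    if addr in ("127.0.0.1", "::1", "::ffff:127.0.0.1"):
        return "loopback"   # reachable only from the host itself
    if addr == "0.0.0.0":
        return "all-ipv4"
    if addr == "::":
        return "all-ipv6"   # on Linux also takes IPv4 unless bindv6only=1
    return "specific"       # only that one interface address

def audit(netstat, rules):
    """Return {port: (program, scope, has_dport_accept)} for LISTEN sockets."""
    allowed, out = allowed_ports(rules), {}
    for line in netstat.splitlines():
        f = line.split()
        if len(f) >= 7 and f[5] == "LISTEN":
            addr, port = f[3].rsplit(":", 1)  # rsplit keeps IPv6 colons in addr
            out[int(port)] = (f[6].split("/", 1)[1], bind_scope(addr),
                              int(port) in allowed)
    return out

if __name__ == "__main__":
    for port, row in sorted(audit(NETSTAT, IPTABLES).items()):
        print(port, *row)
```

The check only matches per-port rules; a blanket rule such as `-A INPUT -i em2 -j ACCEPT` in the posted ruleset is not evaluated and has to be read separately.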