Linux Network services - Apache not running on app1 port 8081

You have performed almost all the steps correctly, but there seems to be an issue with iptables. If you observe carefully, the rule which you appended for port 8080 (or whichever port is provided in the task) has not been reflected in the listed rules.
Also try saving the rule using:
#iptables-save

I think you have to replace 8083 with 8080.

No, actually when the new question came, port no. 8083 was mentioned there for the Apache port.

Did you also change the port in iptables?

OK, let me do that and I will let you know.


Done iptables-save, and after that restarted iptables. But even after that, when I try to telnet from the jump host, it's not working for Apache.

Yes, as per the port mentioned in the question for Apache, I have made the changes in the iptables config file.

Okay, now share the output, the list of rules configured:
$ sudo iptables -L INPUT -nv
Is the rule present now in the list?

sudo iptables -L INPUT -nv
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
5 356 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:5000
6 360 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

Is the firewall service active on that server?

Yes, the firewall service is running.

systemctl status iptables
● iptables.service - IPv4 firewall with iptables
Loaded: loaded (/usr/lib/systemd/system/iptables.service; disabled; vendor preset: disabled)
Active: active (exited) since Thu 2020-05-28 09:53:20 UTC; 25s ago
Process: 542 ExecStop=/usr/libexec/iptables/iptables.init stop (code=exited, status=0/SUCCESS)
Process: 564 ExecStart=/usr/libexec/iptables/iptables.init start (code=exited, status=0/SUCCESS)
Main PID: 564 (code=exited, status=0/SUCCESS)

May 28 09:53:20 stapp01 systemd[1]: Starting IPv4 firewall with iptables…
May 28 09:53:20 stapp01 iptables.init[564]: iptables: Applying firewall rules: [ OK ]
May 28 09:53:20 stapp01 systemd[1]: Started IPv4 firewall with iptables.

Not sure what changes need to be made to make Apache accessible from the jump host.
The iptables rule is set and it's also reflected there.

iptables -L INPUT -nv
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
48 3276 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:6100
56 3360 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

What does telnet say?

telnet 172.16.238.10:8083

Also, stop the iptables then test to rule out iptables.

Share the error output that is available in sudo journalctl -xe.
If you are not able to find the particular service, then try this one and figure out the error:
sudo journalctl -u httpd.service, or share it with us. Do a fresh start, and this time don’t add anything in iptables.

I was able to access Apache on app server 1 after stopping iptables. But the task shows failed.

I guess it should work with the iptables service running. I have completed it that way.

telnet 172.16.238.10:5004
telnet: 172.16.238.10:5004: Name or service not known
172.16.238.10:5004: Unknown host
thor@jump_host /$

I have stopped iptables then tried telnet.

[root@stapp01 ~]# iptables -L INPUT -nv
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
67 4372 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:5004
19 1140 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
[root@stapp01 ~]# netstat -apn |grep -i 5004
tcp 0 0 0.0.0.0:5004 0.0.0.0:* LISTEN 443/httpd

I guess the iptables rule is displaying the port, but telnet is still not working from the jump host.


The rule has been set correctly; however, you didn’t use telnet correctly:
What you typed: telnet 172.16.238.10:5004
Expected command syntax : telnet 172.16.238.10 5004
Or if you want you can use: curl 172.16.238.10:5004 for testing purpose
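
Added example (not part of the original thread): iptables evaluates the INPUT chain top to bottom, so an ACCEPT rule for the Apache port only takes effect when it is listed above the catch-all REJECT. The script below classifies a port from `iptables -L INPUT -nv` output; the first listing is the one posted above, the second is constructed to show the same rule appended after the REJECT, and the function names are illustrative.

```shell
# rule_status PORT  (reads `iptables -L INPUT -nv` output on stdin)
# Prints effective, shadowed or missing for the tcp ACCEPT rule on PORT.
rule_status() {
    awk -v port="$1" '
        $1 == "Chain" || $1 == "pkts" || NF < 9 { next }   # headers, blanks
        {
            target = $3; proto = $4; in_if = $6; src = $8; dst = $9
            # First catch-all REJECT/DROP: rules listed below it never match.
            if (!blocked && (target == "REJECT" || target == "DROP") &&
                proto == "all" && in_if == "*" &&
                src == "0.0.0.0/0" && dst == "0.0.0.0/0")
                blocked = NR
            if (!found && target == "ACCEPT" && proto == "tcp")
                for (i = 10; i <= NF; i++)
                    if ($i == "dpt:" port) { found = NR; break }
        }
        END {
            if (!found) { print "missing" }
            else if (blocked && blocked < found) { print "shadowed" }
            else { print "effective" }
        }'
}

# Listing posted in the thread: the port 5004 rule sits above the REJECT.
listing_inserted() { cat <<'EOF'
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
67 4372 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:5004
19 1140 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
EOF
}

# Constructed listing: same rule appended (iptables -A) after the REJECT.
listing_appended() { cat <<'EOF'
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
67 4372 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
19 1140 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:5004
EOF
}

# On a live host: sudo iptables -L INPUT -nv | rule_status 5004
echo "inserted: $(listing_inserted | rule_status 5004), appended: $(listing_appended | rule_status 5004)"
```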

Thanks a lot for guiding me; my task got completed successfully.