Linux Network services - Apache not running on app1 port 8081

Yes, as per the port mentioned in the question for Apache, I have made changes in the iptables config file.

Okay, now share the output, the list of rules configured:
$ sudo iptables -L INPUT -nv
Is the rule present now in the list?

sudo iptables -L INPUT -nv
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
5 356 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:5000
6 360 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

Is the firewall service active on that server?

Yes, the firewall service is running.

systemctl status iptables
● iptables.service - IPv4 firewall with iptables
Loaded: loaded (/usr/lib/systemd/system/iptables.service; disabled; vendor preset: disabled)
Active: active (exited) since Thu 2020-05-28 09:53:20 UTC; 25s ago
Process: 542 ExecStop=/usr/libexec/iptables/iptables.init stop (code=exited, status=0/SUCCESS)
Process: 564 ExecStart=/usr/libexec/iptables/iptables.init start (code=exited, status=0/SUCCESS)
Main PID: 564 (code=exited, status=0/SUCCESS)

May 28 09:53:20 stapp01 systemd[1]: Starting IPv4 firewall with iptables…
May 28 09:53:20 stapp01 iptables.init[564]: iptables: Applying firewall rules: [ OK ]
May 28 09:53:20 stapp01 systemd[1]: Started IPv4 firewall with iptables.

Not sure what changes need to be done to make Apache accessible from the jump host.
The iptables rule is set and it is also reflected there.

iptables -L INPUT -nv
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
48 3276 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:6100
56 3360 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

What does telnet say?

telnet 172.16.238.10:8083

Also, stop the iptables then test to rule out iptables.

Share the error output that is available in sudo journalctl -xe.
If you are not able to find the particular service, then try this one and figure out the error:
sudo journalctl -u httpd.service, or share it with us. Do a fresh start and this time don't add anything in iptables.

I was able to access Apache on app server 1 after stopping iptables. But the task shows failed.

I guess it should work with the iptables service running. I have completed it that way.

telnet 172.16.238.10:5004
telnet: 172.16.238.10:5004: Name or service not known
172.16.238.10:5004: Unknown host
thor@jump_host /$

I have stopped iptables then tried telnet.

[root@stapp01 ~]# iptables -L INPUT -nv
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
67 4372 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:5004
19 1140 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
[root@stapp01 ~]# netstat -apn |grep -i 5004
tcp 0 0 0.0.0.0:5004 0.0.0.0:* LISTEN 443/httpd

I guess the iptables rule is displaying the port, but telnet is still not working from the jump host.


The rule has been set correctly; however, you didn't use telnet correctly:
What you typed: telnet 172.16.238.10:5004
Expected command syntax: telnet 172.16.238.10 5004
Or if you want you can use: curl 172.16.238.10:5004 for testing purposes

Thanks a lot for guiding me, my task got completed successfully.

That’s great! What were you doing wrong previously?

I am using the wrong syntax for telnet, that's why it's not working.

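The listings posted above all have the ACCEPT for the Apache port sitting above the catch-all REJECT, which is why the rule was judged correct. As an added example (not part of the original thread), this script replays first-match evaluation over a constructed listing in the same layout, and goes one step beyond the thread by also showing the case where the ACCEPT lands below the REJECT; the function names `verdict`, `listing_ok` and `listing_shadowed` are hypothetical.

```shell
#!/bin/sh
# Added example, not from the thread. Replays first-match evaluation of an
# `iptables -L INPUT -nv` listing for a NEW TCP connection from another host.
# Handles only the match types seen in the thread: state and single dpt.

# verdict PORT: read the listing on stdin, print the target that decides.
verdict() {
    awk -v port="$1" '
    $1 == "Chain" { policy = $4; next }   # "Chain INPUT (policy ACCEPT ..."
    $1 == "pkts" || NF < 9 { next }       # column header, blank lines
    {
        extra = ""
        for (i = 10; i <= NF; i++) extra = extra " " $i
        if ($4 != "all" && $4 != "tcp") next   # other protocol (icmp)
        if ($6 == "lo") next                   # loopback-only rule
        if (match(extra, /state [A-Z,]+/)) {   # needs NEW among the states
            states = substr(extra, RSTART + 6, RLENGTH - 6)
            if (("," states ",") !~ /,NEW,/) next
        }
        if (match(extra, /dpt:[0-9]+/) &&
            substr(extra, RSTART + 4, RLENGTH - 4) != port) next
        print $3; found = 1; exit
    }
    END { if (!found) print policy }'
}

# Constructed listing in the thread's layout: ACCEPT sits above the REJECT.
listing_ok() {
cat <<'EOF'
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target prot opt in out source destination
   67  4372 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
    0     0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
    0     0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
    0     0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:5004
   19  1140 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
EOF
}

# Constructed variant: the same ACCEPT moved below the catch-all REJECT.
listing_shadowed() {
    listing_ok | awk '/dpt:5004/ { held = $0; next } { print } END { print held }'
}

echo "5004, ACCEPT above REJECT: $(listing_ok | verdict 5004)"
echo "8081, no rule for it:      $(listing_ok | verdict 8081)"
echo "5004, ACCEPT below REJECT: $(listing_shadowed | verdict 5004)"
```

On a live host, pipe `sudo iptables -L INPUT -nv` into `verdict <port>` to see which rule decides for that port.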

@Tej-Singh-Rana @akshayyw @shantanukapoor


Unable to get the httpd service running on the app 1 server. Could you please advise what needs to be done to get it running?

thanks

The Apache port is bound to another service, so run netstat -nltp, figure out which process it is connected to, kill that process, then restart your httpd and enable it. Cross-check with netstat again.

@akshayyw @Tej-Singh-Rana
This is the rule I set in iptables. For this session 3000 was the port number specified for Apache.


iptables -L INPUT -nv

I saved iptables using - iptables save.
Here I don't see port number 3000 in the iptables results.
On app2 and app3, the iptables file is empty; running iptables -L INPUT -nv
displays the below results.

How come this file is empty on these two servers? What changes are supposed to be entered here?
Could you please check and advise what step is missing in my case?
Simply to check, I ran telnet commands on app1, app2, and app3.
These are the results I am getting.


As I see, the connection is not getting established on app1:

thank you!

thank you @mouador

the steps helped me to resolve the issue.

thanks
Swaroop