Linux Network services - Apache not running on app1 port 8081

Hi Team,

I am facing an issue completing this task: the Apache service is running fine on port 8081 and I have also added the iptables rule on the app01 server, but I am not able to telnet from the jump server to the app server. Could someone please help me with this issue?

Hello,
What do the following commands say?

systemctl status -l httpd

ss -ltpn

Hello,

Please find the output below. (Please note that httpd is now running on port 3002.)

[root@stapp01 ~]# systemctl status -l httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since Wed 2020-05-27 15:53:13 UTC; 50s ago
Docs: man:httpd(8)
man:apachectl(8)
Main PID: 545 (httpd)
Status: "Total requests: 0; Current requests/sec: 0; Current traffic: 0 B/sec"
CGroup: /docker/dd7d1f07f4492a83d79bff148875ec25ad7b73eb867e29e231b8c21b86cc02e2/system.slice/httpd.service
├─545 /usr/sbin/httpd -DFOREGROUND
├─546 /usr/sbin/httpd -DFOREGROUND
├─547 /usr/sbin/httpd -DFOREGROUND
├─548 /usr/sbin/httpd -DFOREGROUND
├─549 /usr/sbin/httpd -DFOREGROUND
└─550 /usr/sbin/httpd -DFOREGROUND

May 27 15:53:13 stapp01 systemd[1]: Starting The Apache HTTP Server...
May 27 15:53:13 stapp01 httpd[545]: AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.16.238.10. Set the 'ServerName' directive globally to suppress this message
May 27 15:53:13 stapp01 systemd[1]: Started The Apache HTTP Server.
[root@stapp01 ~]# ss -ltpn
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 127.0.0.11:45486 *:*
LISTEN 0 128 *:111 *:* users:(("rpcbind",pid=65,fd=4),("systemd",pid=1,fd=38))
LISTEN 0 128 *:22 *:* users:(("sshd",pid=66,fd=3))
LISTEN 0 128 *:3002 *:* users:(("httpd",pid=550,fd=3),("httpd",pid=549,fd=3),("httpd",pid=548,fd=3),("httpd",pid=547,fd=3),("httpd",pid=546,fd=3),("httpd",pid=545,fd=3))
LISTEN 0 128 [::]:111 [::]:* users:(("rpcbind",pid=65,fd=11))
LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=66,fd=4))
[root@stapp01 ~]#

[root@stapp01 ~]# netstat -apn |grep -i 3002
tcp 0 0 0.0.0.0:3002 0.0.0.0:* LISTEN 545/httpd

Were you asked to change the port from 8081 to 3002?

No, when I clicked on the "try later" option and tried to start again, a new question came up, and port 3002 was mentioned there.

@shantanukapoor Could you post the exact task assigned and what issue you are facing now?

What did you add in iptables?

  1. Port 8080 was running on sendmail, so I killed it.
  2. Started the httpd service and now it's listening on port 8080.
  3. Then I added a rule in iptables using the below command:
    iptables -A INPUT -i eth0 -p tcp --dport 8080 -j ACCEPT
  4. I tried to check the connection from the jump host and am getting the below error:
    thor@jump_host /$ curl 172.16.238.10:8080
    curl: (7) Failed connect to 172.16.238.10:8080; No route to host

iptables -A INPUT -i eth0 -p tcp --dport 8080 -j ACCEPT

Could you list the iptables rules and share the output? Use:

$ sudo iptables -L INPUT -nv

iptables -L INPUT -nv
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
4632 19M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
201 13183 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
1 60 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
125 7500 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

What to test? You have not mentioned anything.

Hi,

Can you test this:

vi /etc/sysconfig/iptables
-A INPUT -m state --state NEW -p tcp --dport 8080 -j ACCEPT
sudo systemctl restart iptables

I have made the changes as you mentioned, but Apache is still not reachable from the jump server.

thor@jump_host /$ curl 172.16.238.10:8083
curl: (7) Failed connect to 172.16.238.10:8083; No route to host
thor@jump_host /$

You have performed almost all the steps correctly, but there seems to be an issue with iptables. If you observe carefully, the rule which you appended for port 8080 (or whichever port is provided in the task) has not been reflected in the listed rules.
Also try saving the rule using:
#iptables-save
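
An added example, not part of the thread or of any poster's commands: it reads `iptables -L INPUT -nv` output like the listing above and reports the first rule that would decide a new TCP connection to a port, which shows why a rule's position in the chain matters. The function names, the eth0 default and the sample port 8080 rule lines are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Reads `iptables -L INPUT -nv` output on
# stdin and prints which rule decides a NEW inbound TCP connection to a port.
# iptables walks a chain top to bottom and stops at the first matching rule
# with a terminating target. Assumptions: traffic arrives on eth0 by default,
# source/destination are 0.0.0.0/0 as in the listing, only "dpt:" is handled.

# first_match PORT [IFACE] -> prints "<TARGET> <rule number>" or "POLICY 0"
first_match() {
    awk -v port="$1" -v iface="${2:-eth0}" '
        $1 == "Chain" || $1 == "pkts" || NF < 9 { next }   # headers, blanks
        {
            n++
            target = $3; prot = $4; in_if = $6
            extra = ""
            for (i = 10; i <= NF; i++) extra = extra " " $i
            if (prot != "all" && prot != "tcp") next
            if (in_if != "*" && in_if != iface) next
            # A state match applies only if NEW is among the listed states.
            if (extra ~ / state / && extra !~ /NEW/) next
            # A dpt: match applies only to that exact port.
            if (extra ~ / dpt:/ && extra !~ (" dpt:" port "( |$)")) next
            if (target == "ACCEPT" || target == "REJECT" || target == "DROP") {
                print target, n; found = 1; exit
            }
        }
        END { if (!found) print "POLICY", 0 }
    '
}

# Constructed sample: the INPUT chain posted above plus a port 8080 rule,
# either appended (-A, lands after REJECT) or inserted before REJECT (-I).
listing() {   # $1 = "append" or "insert"
    rule='0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080'
    reject='125 7500 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited'
    cat <<'EOF'
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
4632 19M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
201 13183 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
1 60 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
EOF
    if [ "$1" = insert ]; then printf '%s\n%s\n' "$rule" "$reject"
    else printf '%s\n%s\n' "$reject" "$rule"; fi
}

listing append | first_match 8080   # REJECT 5
listing insert | first_match 8080   # ACCEPT 5
```

On a live host the same function can be fed directly, for example `iptables -L INPUT -nv | first_match 8083`, to see which rule answers before testing from the jump host.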

I think you have to replace 8083 with 8080.

No, actually when the new question came, port no. 8083 was mentioned there as the Apache port.

Did you also change the port in iptables?

OK, let me do that and I will let you know.


I ran iptables-save and after that restarted iptables. But even after that, when I try to telnet from the jump host, it's not working for Apache.