Task 17 - Linux Network Services

Hi @bagam_fleury

Ping works on a different protocol, so if ping works you can’t say Apache will also be reachable. Please try to figure out what exactly you are missing.

Hi Team,

Please find the output/snippet below as proof that the firewalld service is up and running and the service is accessible from the jumpbox host. Still the result is failed. Can you tell me what’s wrong with it?

What does the error below mean? As you can clearly see from the above output, the firewalld service is active and the port is also accessible from the jump host.

Seem’s like you have stopped iptables firewall service on app server 1.

hi @Inderpreet ,
Even I’ve got the same error “Seem’s like you have stopped the iptables firewall service on app server 1”. As I can see, the iptables service was disabled on app server 2 and 3. After fixing the httpd service on app server 1, I tried curl from the jump host for app server 2 and 3 and it was working. So I had to stop iptables on app server 1 and tried curling it. It was now working on all 3 app servers, but the task failed. Am I missing something here?

@maheshb Did you install firewalld on this server? Also, the error is mentioning iptables, not firewalld.

@kaushik

It’s never a good idea to stop a firewall of any kind if it is already running on a server, as it can be a big security concern.

Hi team, I think I solved this problem but I failed. I added a screenshot, but it did not mention firewall rules, so I disabled it.

I have the same issue, but there is no warning about iptables and firewall. It can be a security issue, but this can be useful in an internal network sometimes.

I have updated the firewall rules on the app server; despite that, I’m unable to telnet from the jump host to the app server on port 8082.

-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -s 172.16.238.2/172.16.239.2 -p tcp -m tcp --dport 8082 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8082 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p tcp -m tcp --sport 80 -m conntrack --ctstate ESTABLISHED -j ACCEPT
COMMIT

Completed on Sat May 23 03:51:33 2020

And also I don’t know what’s the reason my network service isn’t coming up on the app server.
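
Added example, not part of the thread or any poster's own code: iptables evaluates a chain top to bottom and stops at the first terminating match, so in a listing like the one posted above every rule appended after an unconditional `-j REJECT` is never reached. The shell sketch below flags such rules; the function names and the sample ruleset (constructed, modelled on that listing) are assumptions.

```shell
#!/bin/sh
# Added example: flag rules that sit behind an unconditional REJECT/DROP
# in the same chain of an iptables-save style listing.

# Constructed sample input, modelled on the rule order posted in the thread.
SAMPLE_RULES='-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8082 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A OUTPUT -o lo -j ACCEPT'

# find_shadowed_rules (hypothetical helper): reads rules on stdin and prints
# "CHAIN<TAB>rule" for every rule appended after a catch-all terminating rule.
find_shadowed_rules() {
  awk '
    $1 == "-A" {
      chain = $2
      # Anything after a catch-all in this chain can never match a packet.
      if (chain in blocked) { printf "%s\t%s\n", chain, $0; next }
      # Catch-all: no match options, i.e. "-A CHAIN -j TARGET [target opts]".
      if ($3 == "-j" && ($4 == "REJECT" || $4 == "DROP")) blocked[chain] = 1
    }
  '
}

# count_shadowed (hypothetical helper): number of unreachable rules in chain $1.
count_shadowed() {
  find_shadowed_rules | awk -F'\t' -v c="$1" '$1 == c { n++ } END { print n + 0 }'
}

# Report the unreachable rules in the sample: the loopback and port 8082
# ACCEPT rules both sit behind the INPUT chain REJECT.
printf '%s\n' "$SAMPLE_RULES" | find_shadowed_rules
```

On a live host the same function can be fed from `iptables-save`; an allow rule that shows up here needs to be inserted above the catch-all (for example with `iptables -I`) rather than appended, which keeps the firewall running instead of stopping it.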