nmap tidak saya install,, tapi dari netstat sepertinya ketahuan kalo port 8080 untuk ip4 belum terbuka. cmiiw
an3uk http://blog.adikcilak.com ________________________________ From: masrust <[email protected]> To: Mailing List Komunitas openSUSE Indonesia <[email protected]> Sent: Tue, 21 June, 2011 11:14:30 AM Subject: Re: [*openSUSE-ID*] Buka port 8080? kalau di lihat pake nmap dah kebuka belum mas? On Tue, Jun 21, 2011 at 11:12 AM, an3uk <[email protected]> wrote: > Help me kawans.. sudah saya coba petunjuk dari beberapa sumber, tapi belum > bisa > membuat saya membrowse port 8080 dari luar.. > kenapa yah? mohon bantuannya walau sebatas membalas email :) > > berikut setingan firewall : /etc/sysconfig/SuSEfirewall2 > > FW_DEV_EXT="eth0" > FW_DEV_INT="" > FW_DEV_DMZ="" > FW_ROUTE="no" > FW_MASQUERADE="no" > FW_MASQ_DEV="zone:ext" > FW_MASQ_NETS="0/0" > FW_NOMASQ_NETS="" > FW_PROTECT_FROM_INT="no" > FW_SERVICES_EXT_TCP="8080" > FW_SERVICES_EXT_UDP="8080" > FW_SERVICES_EXT_IP="" > FW_SERVICES_EXT_RPC="" > FW_CONFIGURATIONS_EXT="sshd" > FW_SERVICES_DMZ_TCP="" > FW_SERVICES_DMZ_UDP="" > FW_SERVICES_DMZ_IP="" > FW_SERVICES_DMZ_RPC="" > FW_CONFIGURATIONS_DMZ="sshd" > FW_SERVICES_INT_TCP="" > FW_SERVICES_INT_UDP="" > FW_SERVICES_INT_IP="" > FW_SERVICES_INT_RPC="" > FW_CONFIGURATIONS_INT="" > FW_SERVICES_DROP_EXT="" > FW_SERVICES_DROP_DMZ="" > FW_SERVICES_DROP_INT="" > FW_SERVICES_REJECT_EXT="" > FW_SERVICES_REJECT_DMZ="" > FW_SERVICES_REJECT_INT="" > FW_SERVICES_ACCEPT_EXT="" > FW_SERVICES_ACCEPT_DMZ="" > FW_SERVICES_ACCEPT_INT="" > FW_SERVICES_ACCEPT_RELATED_EXT="0/0," > FW_SERVICES_ACCEPT_RELATED_DMZ="" > FW_SERVICES_ACCEPT_RELATED_INT="" > FW_TRUSTED_NETS="" > FW_ALLOW_INCOMING_HIGHPORTS_TCP="" > FW_ALLOW_INCOMING_HIGHPORTS_UDP="" > FW_FORWARD="" > FW_FORWARD_REJECT="" > FW_FORWARD_DROP="" > FW_FORWARD_MASQ="" > FW_REDIRECT="" > FW_LOG_DROP_CRIT="yes" > FW_LOG_DROP_ALL="no" > FW_LOG_ACCEPT_CRIT="yes" > FW_LOG_ACCEPT_ALL="no" > FW_LOG_LIMIT="" > FW_LOG="" > FW_KERNEL_SECURITY="yes" > FW_STOP_KEEP_ROUTING_STATE="no" > FW_ALLOW_PING_FW="yes" > FW_ALLOW_PING_DMZ="no" > FW_ALLOW_PING_EXT="no" > FW_ALLOW_FW_SOURCEQUENCH="" > FW_ALLOW_FW_BROADCAST_EXT="no" > FW_ALLOW_FW_BROADCAST_INT="no" > FW_ALLOW_FW_BROADCAST_DMZ="no" > FW_IGNORE_FW_BROADCAST_EXT="yes" > FW_IGNORE_FW_BROADCAST_INT="no" > FW_IGNORE_FW_BROADCAST_DMZ="no" > FW_ALLOW_CLASS_ROUTING="" > FW_CUSTOMRULES="" > FW_REJECT="" > FW_REJECT_INT="yes" > FW_HTB_TUNE_DEV="" > FW_IPv6="" > FW_IPv6_REJECT_OUTGOING="" > FW_IPSEC_TRUST="no" > FW_ZONES="" > FW_ZONE_DEFAULT="" > FW_USE_IPTABLES_BATCH="" > FW_LOAD_MODULES="nf_conntrack_netbios_ns" > FW_FORWARD_ALWAYS_INOUT_DEV="" > FW_FORWARD_ALLOW_BRIDGING="" > FW_WRITE_STATUS="" > FW_RUNTIME_OVERRIDE="" > FW_LO_NOTRACK="" > FW_BOOT_FULL_INIT="" > >------------------------------------------------------------------------------------------------- >- > > > anak:/home/aneuk # iptables -nvL > > Chain INPUT (policy DROP 0 packets, 0 bytes) > pkts bytes target prot opt in out source > destination > 39 6500 ACCEPT all -- lo * 0.0.0.0/0 > 0.0.0.0/0 > 137 9465 ACCEPT all -- * * 0.0.0.0/0 > 0.0.0.0/0 state ESTABLISHED > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 > 0.0.0.0/0 state RELATED > 2216 180K input_ext all -- eth0 * 0.0.0.0/0 > 0.0.0.0/0 > 0 0 input_ext all -- eth1 * 0.0.0.0/0 > 0.0.0.0/0 > 0 0 input_ext all -- usb0 * 0.0.0.0/0 > 0.0.0.0/0 > 0 0 input_ext all -- * * 0.0.0.0/0 > 0.0.0.0/0 > 0 0 LOG all -- * * 0.0.0.0/0 > 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix > `SFW2-IN-ILL-TARGET ' > 0 0 DROP all -- * * 0.0.0.0/0 > 0.0.0.0/0 > > Chain FORWARD (policy DROP 0 packets, 0 bytes) > pkts bytes target prot opt in out source > destination > 0 0 LOG all -- * * 0.0.0.0/0 > 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix > `SFW2-FWD-ILL-ROUTING ' > > Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) > pkts bytes target prot opt in out source > destination > 39 6500 ACCEPT all -- * lo 0.0.0.0/0 > 0.0.0.0/0 > 129 13764 ACCEPT all -- * * 0.0.0.0/0 > 0.0.0.0/0 state NEW,RELATED,ESTABLISHED > 0 0 LOG all -- * * 0.0.0.0/0 > 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix > `SFW2-OUT-ERROR ' > > Chain forward_ext (0 references) > pkts bytes target prot opt in out source > destination > > Chain input_ext (4 references) > pkts bytes target prot opt in out source > destination > 1985 167K DROP all -- * * 0.0.0.0/0 > 0.0.0.0/0 PKTTYPE = broadcast > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 > 0.0.0.0/0 icmp type 4 > 1 32 ACCEPT icmp -- * * 0.0.0.0/0 > 0.0.0.0/0 icmp type 8 > 0 0 ACCEPT all -- * * 0.0.0.0/0 > 0.0.0.0/0 state RELATED > 0 0 LOG tcp -- * * 0.0.0.0/0 > 0.0.0.0/0 limit: avg 3/min burst 5 tcp dpt:8080 flags:0x17/0x02 > LOG > flags 6 level 4 prefix `SFW2-INext-ACC-TCP ' > 0 0 ACCEPT tcp -- * * 0.0.0.0/0 > 0.0.0.0/0 tcp dpt:8080 > 3 156 LOG tcp -- * * 0.0.0.0/0 > 0.0.0.0/0 limit: avg 3/min burst 5 tcp dpt:22 flags:0x17/0x02 > LOG > flags 6 level 4 prefix `SFW2-INext-ACC-TCP ' > 15 780 ACCEPT tcp -- * * 0.0.0.0/0 > 0.0.0.0/0 tcp dpt:22 > 0 0 ACCEPT udp -- * * 0.0.0.0/0 > 0.0.0.0/0 udp dpt:8080 > 1 440 DROP all -- * * 0.0.0.0/0 > 0.0.0.0/0 PKTTYPE = multicast > 0 0 DROP all -- * * 0.0.0.0/0 > 0.0.0.0/0 PKTTYPE = broadcast > 24 1240 LOG tcp -- * * 0.0.0.0/0 > 0.0.0.0/0 limit: avg 3/min burst 5 tcp flags:0x17/0x02 LOG flags > 6 > level 4 prefix `SFW2-INext-DROP-DEFLT ' > 0 0 LOG icmp -- * * 0.0.0.0/0 > 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 6 level 4 prefix > `SFW2-INext-DROP-DEFLT ' > 16 1168 LOG udp -- * * 0.0.0.0/0 > 0.0.0.0/0 limit: avg 3/min burst 5 state NEW LOG flags 6 level 4 > prefix `SFW2-INext-DROP-DEFLT ' > 214 11900 DROP all -- * * 0.0.0.0/0 > 0.0.0.0/0 > > Chain reject_func (0 references) > pkts bytes target prot opt in out source > destination > 0 0 REJECT tcp -- * * 0.0.0.0/0 > 0.0.0.0/0 reject-with tcp-reset > 0 0 REJECT udp -- * * 0.0.0.0/0 > 0.0.0.0/0 reject-with icmp-port-unreachable > 0 0 REJECT all -- * * 0.0.0.0/0 > 0.0.0.0/0 reject-with icmp-proto-unreachable > You have new mail in /var/mail/root > > >------------------------------------------------------------------------------------------------------ >- > > anak:/home/aneuk # netstat -atn > Active Internet connections (servers and established) > Proto Recv-Q Send-Q Local Address Foreign Address State > tcp 0 0 127.0.0.1:12525 0.0.0.0:* LISTEN > tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN > tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN > tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN > tcp 0 0 123.109.1.93:53 0.0.0.0:* LISTEN > tcp 0 0 127.0.0.2:53 0.0.0.0:* LISTEN > tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN > tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN > tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN > tcp 0 0 127.0.0.1:663 0.0.0.0:* LISTEN > tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN > tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN > tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN > tcp 0 0 127.0.0.1:10023 0.0.0.0:* LISTEN > tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN > tcp 0 1224 123.109.1.93:22 172.254.254.40:52395 > ESTABLISHED > tcp 0 0 :::110 :::* LISTEN > tcp 0 0 :::143 :::* LISTEN > tcp 0 0 :::111 :::* LISTEN > tcp 0 0 :::8080 :::* LISTEN > tcp 0 0 :::53 :::* LISTEN > tcp 0 0 :::22 :::* LISTEN > tcp 0 0 ::1:631 :::* LISTEN > tcp 0 0 ::1:953 :::* LISTEN > tcp 0 0 127.0.0.1:8005 :::* LISTEN > tcp 0 0 :::8009 :::* LISTEN > > > > > an3uk > http://blog.adikcilak.com > > > > > > > ________________________________ > From: an3uk <[email protected]> > To: [email protected]; Mailing List Komunitas openSUSE Indonesia > <[email protected]> > Sent: Thu, 16 June, 2011 5:01:18 PM > Subject: Re: [*openSUSE-ID*] Buka port 8080? > > Brothers.. > terima kasih bantuannya hari ini.. > besok kita lanjutkan lagi.. hahaha.. > > > > an3uk > http://blog.adikcilak.com > > > > > > > ________________________________ > From: medwinz <[email protected]> > To: Mailing List Komunitas openSUSE Indonesia <[email protected] > > > Sent: Thu, 16 June, 2011 4:17:39 PM > Subject: Re: [*openSUSE-ID*] Buka port 8080? > > 2011/6/16 an3uk <[email protected]>: > > Saya makek mentah setingan defaultnya brur.. > > belum di utak-atik apa.. ini lagi lihat setingan di SuSEFirewall :D > > > > > > an3uk > > http://blog.adikcilak.com > > > > Pay attention ke baris > > FW_SERVICES_EXT_TCP="" > > isi misalnya dengan > > FW_SERVICES_EXT_TCP="8080" > > Perhatikan juga posisi eth anda sebagai external network, dmz atau > internal network. > Jangan lupa baca bagian yang dicomment. > > Biasanya settingan ipv4 dan ipv6 berikut portnya juga ada di > aplikasinya. Coba cek sekali lagi konfigurasi Tomcatnya jangan-jangan > ada yang terlewat, misalnya listen melalui apa localhost, 127.0.0.1 > atau FQDN. > > salam, > -- > medwinz > http://medwinz.blogsome.com > http://en.opensuse.org/User:Medwin > [email protected] > openSUSE community member > ______________________________________________ > --- > Info Milis : http://opensuse.or.id/milis > Keluar dari Milis : Kirim email ke [email protected] > Manajemen Keanggotaan : > http://lists.opensuse-id.org/listinfo.cgi/milis-opensuse-id.org > ______________________________________________ > --- > Info Milis : http://opensuse.or.id/milis > Keluar dari Milis : Kirim email ke [email protected] > Manajemen Keanggotaan : > http://lists.opensuse-id.org/listinfo.cgi/milis-opensuse-id.org > ______________________________________________ > --- > Info Milis : http://opensuse.or.id/milis > Keluar dari Milis : Kirim email ke [email protected] > Manajemen Keanggotaan : > http://lists.opensuse-id.org/listinfo.cgi/milis-opensuse-id.org > -- Regards, Sri Rustanto http://masrust.web.id/ ______________________________________________ --- Info Milis : http://opensuse.or.id/milis Keluar dari Milis : Kirim email ke [email protected] Manajemen Keanggotaan : http://lists.opensuse-id.org/listinfo.cgi/milis-opensuse-id.org ______________________________________________ --- Info Milis : http://opensuse.or.id/milis Keluar dari Milis : Kirim email ke [email protected] Manajemen Keanggotaan : http://lists.opensuse-id.org/listinfo.cgi/milis-opensuse-id.org
