They are using bridged networking. I am using Xen and starting to think
maybe I should have used Virtual box instead. :|

ciao!
On Oct 20, 2012 8:26 PM, "Heherson Pagcaliwagan" <[email protected]> wrote:

> How is your networking setup? Are the nodes using bridged networking or
> simple NAT?
>
> Out of curiosity, what's the virt solution you are using? (i.e. kvm, lc,
> openvz, vmware, virtualbox, ...)
>
> --herson
>
> On Oct 20, 2012, at 6:15 PM, Anuerin Diaz <[email protected]> wrote:
>
> Hi,
>
>    I have 2 virtualized CentOS machines (lpdza1 and lpdza2) where I am
> setting up clustered WebLogic nodes.  The current problem I have is that I
> cannot make the port 7028 in lpdza1 accept external connections.
> Connection from within lpdza1 works but I need lpdza2 to be able to access
> the admin port (7028).  I have tried alternately disabling iptables and
> ip6tables, as well as flushing and stopping them to no avail. I have also
> tried configuring and disabling them from the desktop GUI
> (Administration->Security and Firewall settings,
> Administration->Services->restart). I have tried accessing from other
> virtual machines (Ubuntu, WindowsXP) to isolate that it is not a problem on
> the second machine (lpdza2).
>
>   What am I missing? Below is the sequence of commands I executed which is
> based on http://wiki.centos.org/HowTos/Network/IPTables.
>
> ======================
>
> [root@lpdza1 ~]# iptables -L
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
>
> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination
>
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
>
> [root@lpdza1 ~]# netstat -an | grep 7028
> tcp        0      0 ::ffff:127.0.0.1:7028       :::*                        LISTEN
>
> [root@lpdza1 ~]# service iptables status
> Table: filter
> Chain INPUT (policy ACCEPT)
> num  target     prot opt source               destination
>
> Chain FORWARD (policy ACCEPT)
> num  target     prot opt source               destination
>
> Chain OUTPUT (policy ACCEPT)
> num  target     prot opt source               destination
>
>
> [root@lpdza1 ~]# iptables -P INPUT ACCEPT
> [root@lpdza1 ~]# iptables -F
> [root@lpdza1 ~]# iptables -A INPUT -p tcp --dport 22 -j ACCEPT
> [root@lpdza1 ~]# iptables -A INPUT -p tcp --dport 7028 -j ACCEPT
> [root@lpdza1 ~]# iptables -P INPUT DROP
> [root@lpdza1 ~]# iptables -P FORWARD DROP
> [root@lpdza1 ~]# iptables -P OUTPUT ACCEPT
> [root@lpdza1 ~]# iptables -A INPUT -i lo -j ACCEPT
> [root@lpdza1 ~]# iptables -A INPUT -i eth0 -j ACCEPT
> [root@lpdza1 ~]# iptables -A INPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
>
> [root@lpdza1 ~]# /sbin/service iptables save
> [root@lpdza1 ~]# /sbin/service iptables reload
> [root@lpdza1 ~]# /sbin/service iptables start
>
> [root@lpdza1 ~]# iptables -L -v
> Chain INPUT (policy DROP 0 packets, 0 bytes)
>  pkts bytes target     prot opt in     out     source               destination
>   468 35641 ACCEPT     tcp  --  any    any     anywhere             anywhere            tcp dpt:ssh
>    13   708 ACCEPT     tcp  --  any    any     anywhere             anywhere            tcp dpt:7028
>    22  1299 ACCEPT     all  --  lo     any     anywhere             anywhere
>   733  124K ACCEPT     all  --  eth0   any     anywhere             anywhere
>     0     0 ACCEPT     all  --  any    any     anywhere             anywhere            state NEW,RELATED,ESTABLISHED
>
> Chain FORWARD (policy DROP 0 packets, 0 bytes)
>  pkts bytes target     prot opt in     out     source               destination
>
> Chain OUTPUT (policy ACCEPT 1094 packets, 168K bytes)
>  pkts bytes target     prot opt in     out     source               destination
>
>
> [root@lpdza1 ~]# ip6tables -P INPUT ACCEPT
> [root@lpdza1 ~]# ip6tables -F
> [root@lpdza1 ~]# ip6tables -A INPUT -p tcp --dport 22 -j ACCEPT
> [root@lpdza1 ~]# ip6tables -A INPUT -p tcp --dport 7028 -j ACCEPT
> [root@lpdza1 ~]# ip6tables -P INPUT DROP
> [root@lpdza1 ~]# ip6tables -P FORWARD DROP
> [root@lpdza1 ~]# ip6tables -P OUTPUT ACCEPT
> [root@lpdza1 ~]# ip6tables -A INPUT -i lo -j ACCEPT
> [root@lpdza1 ~]# ip6tables -A INPUT -i eth0 -j ACCEPT
> [root@lpdza1 ~]# ip6tables -A INPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
>
> [root@lpdza1 ~]# /sbin/service ip6tables save
> [root@lpdza1 ~]# /sbin/service ip6tables reload
> [root@lpdza1 ~]# /sbin/service ip6tables start
>
> [root@lpdza1 ~]# iptables -P INPUT ACCEPT
> [root@lpdza1 ~]# iptables -F
> [root@lpdza1 ~]# iptables -A INPUT -p tcp --dport 22 -j ACCEPT
> [root@lpdza1 ~]# iptables -A INPUT -p tcp --dport 7028 -j ACCEPT
> [root@lpdza1 ~]# iptables -P INPUT DROP
> [root@lpdza1 ~]# iptables -P FORWARD DROP
> [root@lpdza1 ~]# iptables -P OUTPUT ACCEPT
> [root@lpdza1 ~]# iptables -A INPUT -i lo -j ACCEPT
> [root@lpdza1 ~]# iptables -A INPUT -i eth0 -j ACCEPT
> [root@lpdza1 ~]# iptables -A INPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
>
> [root@lpdza1 ~]# /sbin/service iptables save
> [root@lpdza1 ~]# /sbin/service iptables reload
> [root@lpdza1 ~]# /sbin/service iptables start
>
>
> # test from first CentOS machine
>
> [root@lpdza1 ~]# nc -zv -w 2 lpdza1 22
> Connection to lpdza1 22 port [tcp/ssh] succeeded!
> [root@lpdza1 ~]# nc -zv -w 2 lpdza1 7028
> Connection to lpdza1 7028 port [tcp/*] succeeded!
>
> #switch to second CentOS machine
> [adiaz@lpdza2 ~]$ ping -c 1 lpdza1
> PING lpdza1 (192.168.122.185) 56(84) bytes of data.
> 64 bytes from lpdza1 (192.168.122.185): icmp_seq=1 ttl=64 time=0.567 ms
>
> [adiaz@lpdza2 ~]$ nc -zv -w 2 lpdza1 22
> Connection to lpdza1 22 port [tcp/ssh] succeeded!
> [adiaz@lpdza2 ~]$ nc -zv -w 2 lpdza1 7028
> nc: connect to lpdza1 port 7028 (tcp) failed: Connection refused
>
> ======================
>
>   Any pointers are very much appreciated. Thank you.
>
> ciao!
>
> --
> "Programming, an artform that fights back"
>
> Anuerin G. Diaz
> Registered Linux User #246176
> http://ramfree17.net/capsule , when you absolutely have nothing else
> better to do
>
> _________________________________________________
> Philippine Linux Users' Group (PLUG) Mailing List
> http://lists.linux.org.ph/mailman/listinfo/plug
> Searchable Archives: http://archives.free.net.ph
>
_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
http://lists.linux.org.ph/mailman/listinfo/plug
Searchable Archives: http://archives.free.net.ph
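
Added example, not part of the original thread: the quoted `netstat` line shows the port 7028 listener's local address as `::ffff:127.0.0.1`, so this helper reads `netstat -an` output and reports how a listening TCP port is bound. The function names and sample lines are constructed for illustration (the 7028 line mirrors the one quoted above).

```shell
#!/bin/sh
# bind_scope PORT
# Reads `netstat -an` style output on stdin and prints how the TCP
# listener(s) on PORT are bound: loopback-only, all-interfaces,
# specific:<address>, or not-listening.
bind_scope() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            local_addr = $4
            n = split(local_addr, parts, ":")
            if (parts[n] != port) next
            # Everything before the final ":<port>" is the bind address.
            addr = substr(local_addr, 1, length(local_addr) - length(parts[n]) - 1)
            sub(/^::ffff:/, "", addr)   # IPv4-mapped IPv6 form
            if (addr ~ /^127\./ || addr == "::1")
                scope = "loopback-only"
            else if (addr == "0.0.0.0" || addr == "::" || addr == "*")
                scope = "all-interfaces"
            else
                scope = "specific:" addr
            if (!(scope in seen)) { seen[scope] = 1; print scope }
            found = 1
        }
        END { if (!found) print "not-listening" }
    '
}

# Constructed sample input (one listener per line, as netstat prints it).
sample_netstat() {
    cat <<'EOF'
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN
tcp        0      0 ::ffff:127.0.0.1:7028       :::*                        LISTEN
tcp        0      0 :::22                       :::*                        LISTEN
EOF
}

# Demo on the constructed sample; on a live host use:
#   netstat -an | bind_scope 7028
sample_netstat | bind_scope 7028
```

A `loopback-only` result means the kernel refuses connections arriving on any other address before the iptables rules become relevant, which is consistent with a remote client seeing "Connection refused" rather than a timeout.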
