Thanks for that reminder - I now have access! I'm still not sure of what's going on with iptables, though. I added an ACCEPT rule for traffic from my remote machine to the beginning of the chain, and that got rid of the blocking problem. I'll finish debugging that later with TRACE rules.
Scott -----Original Message----- From: Jan Høydahl <jan....@cominvent.com> Sent: Monday, October 28, 2024 8:14 PM To: users@solr.apache.org Subject: Re: Fresh Installation with Status and Access Issues Hi, Solr by default binds only to localhost, as you have confirmed. See https://solr.apache.org/guide/solr/latest/deployment-guide/taking-solr-to-pr oduction.html#security-considerations So please set SOLR_JETTY_HOST="0.0.0.0" to allow access from other hosts. Jan > 28. okt. 2024 kl. 18:35 skrev Scott Hollenbeck <sah6...@gmail.com>: > > Thanks for the suggestion. Unfortunately it didn't help. > > Scott > > -----Original Message----- > From: Thorsten Heit <th...@gmx.de.INVALID> > Sent: Monday, October 28, 2024 10:42 AM > To: users@solr.apache.org > Subject: Re: Fresh Installation with Status and Access Issues > > Hi, > >> Attempts to connect to the server using a browser with URL http://192.168.1. >> 250:8983/ time out. The connection attempt is being refused according to >> iptables: >> >> 2024-10-26T18:53:51.741381-04:00 localhost kernel: iptables denied: IN=eno1 >> OUT= MAC=54:bf:64:94:de:a8:d8:bb:c1:94:72:25:08:00 SRC=192.168.1.46 DST=192. >> 168.1.250 LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=20939 DF PROTO=TCP SPT=61547 >> DPT=8983 WINDOW=64240 RES=0x00 SYN URGP=0 >> >> Can someone please help me understand what's going on here? Why is the >> service not in an active (running) state? Why is iptables blocking the >> connection request when the port is open? > > AFAIK the Solr server by default can only be contacted via localhost > access, i.e. http://127.0.0.1:8983. > > If you want to change that, you have to adopt your configuration by > changing SOLR_IP_ALLOWLIST in your solr.in.sh configuration file, for > example > > SOLR_IP_ALLOWLIST="127.0.0.1, 10.192.0.0/16, [::1]" > > > HTH > > Thorsten >
