Ask Your Question
0

Instance ports are closed

asked 2015-01-19 08:16:22 -0600

IvanAK gravatar image

updated 2015-01-20 03:29:16 -0600

Hi all, I have an Test tenant create and i have one Test CentOS up and running. The machine works perfect. I have add ssh port and works perfect. After a some time i note that i cant ping http://www.google.com but i can ping 8.8.8.8. I add port 80 from security group rules ( and yes resolve.conf is ok ) but still same problem. And i try scanning the machine with nmap and i see that port 80 is closed.

Any hints about it ?

 nova secgroup-list-rules default
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range  | Source Group |
+-------------+-----------+---------+-----------+--------------+
| tcp         | 80        | 80      | 0.0.0.0/0 |              |
| tcp         | 22        | 22      | 0.0.0.0/0 |              |
|             |           |         |           | default      |
| icmp        | -1        | -1      | 0.0.0.0/0 |              |
|             |           |         |           | default      |
+-------------+-----------+---------+-----------+--------------+

And this is the output of the nmap scanning that instance public ips

PORT   STATE  SERVICE
22/tcp open   ssh
80/tcp closed http

And this is the output of the iptables of the instance

[root@testos ~]# systemctl stop iptables
Failed to issue method call: Unit iptables.service not loaded.
[root@testos ~]# systemctl status iptables
iptables.service
   Loaded: not-found (Reason: No such file or directory)
   Active: inactive (dead)

[root@testos ~]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
[root@testos ~]#
edit retag flag offensive close merge delete

Comments

Can you list all ingress and egress rules from security group used for creating VM

Ranjit gravatar imageRanjit ( 2015-01-19 08:34:05 -0600 )edit

I edit the post above.

IvanAK gravatar imageIvanAK ( 2015-01-19 08:50:11 -0600 )edit

1 answer

Sort by ยป oldest newest most voted
0

answered 2015-01-19 11:04:38 -0600

NoNoNoo gravatar image

The centos glance images that I have seen have iptables enabled for default (and ssh allowed by iptables). Check if iptables is enables executing:

iptables -L

If enabled stop it executing:

chkconfig iptables off
service iptables stop
edit flag offensive delete link more

Comments

I have edit the question with the comment and output of iptables. Seems iptables is disabled and no rules showing me when i list the iptables.

IvanAK gravatar imageIvanAK ( 2015-01-20 03:25:51 -0600 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2015-01-19 08:16:22 -0600

Seen: 1,108 times

Last updated: Jan 20 '15