http://www.howtoforge.com/perfect-server-ubuntu-11.10-with-nginx-ispconfig-3 installed 2 different machine. Local network access ok. adsl modem port forwarding okey (21,22,23,53,80,110,143,443,587,3306,8080). Debian 6 installed other server running no problem. Ubuntu nginx server restrict access on internet. mxtoolbox.com my ip port scan results 23,53,80 success and 21,22,25,110,143..... and other port error "No connection could be made because the target machine actively refused it" What is the solution ?
What are the outputs of Code: netstat -tap and Code: iptables -L on the Ubuntu server? Does your router forward the ports to the correct server?
netstat Code: root@sunucu:~# netstat -tap Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 localhost.localdom:9000 *:* LISTEN 1938/php-fpm.conf) tcp 0 0 localhost.localdo:10024 *:* LISTEN 1050/amavisd (maste tcp 0 0 localhost.localdo:10025 *:* LISTEN 2406/master tcp 0 0 *:mysql *:* LISTEN 939/mysqld tcp 0 0 *:http-alt *:* LISTEN 1896/nginx tcp 0 0 *:www *:* LISTEN 1896/nginx tcp 0 0 *:tproxy *:* LISTEN 1896/nginx tcp 0 0 localhost.localdom:9010 *:* LISTEN 1938/php-fpm.conf) tcp 0 0 localhost.localdom:9011 *:* LISTEN 1938/php-fpm.conf) tcp 0 0 localhost.localdom:9012 *:* LISTEN 1938/php-fpm.conf) tcp 0 0 *:ftp *:* LISTEN 2091/pure-ftpd (SER tcp 0 0 localhost.localdom:9013 *:* LISTEN 1938/php-fpm.conf) tcp 0 0 sunucu.siberbilg:domain *:* LISTEN 1070/named tcp 0 0 sunucu.siberbilg:domain *:* LISTEN 1070/named tcp 0 0 localhost.locald:domain *:* LISTEN 1070/named tcp 0 0 localhost.localdom:9014 *:* LISTEN 1938/php-fpm.conf) tcp 0 0 *:ssh *:* LISTEN 757/sshd tcp 0 0 localhost.localdom:9015 *:* LISTEN 1938/php-fpm.conf) tcp 0 0 *:smtp *:* LISTEN 2406/master tcp 0 0 localhost.localdoma:953 *:* LISTEN 1070/named tcp 0 0 localhost.localdo:47143 localhost.localdo:mysql ESTABLISHED 28850/amavisd (ch7- tcp 0 0 localhost.localdo:47129 localhost.localdo:mysql ESTABLISHED 28695/amavisd (ch8- tcp 0 248 sunucu.siberbilgisa:ssh 192.168.2.138:52647 ESTABLISHED 30669/0 tcp 0 0 localhost.localdo:mysql localhost.localdo:47143 ESTABLISHED 939/mysqld tcp 0 0 localhost.localdo:mysql localhost.localdo:47129 ESTABLISHED 939/mysqld tcp6 0 0 [::]:imaps [::]:* LISTEN 1721/couriertcpd tcp6 0 0 [::]:pop3s [::]:* LISTEN 1771/couriertcpd tcp6 0 0 [::]:pop3 [::]:* LISTEN 1743/couriertcpd tcp6 0 0 [::]:imap2 [::]:* LISTEN 1688/couriertcpd tcp6 0 0 [::]:ftp [::]:* LISTEN 2091/pure-ftpd (SER tcp6 0 0 [::]:domain [::]:* LISTEN 1070/named tcp6 0 0 [::]:ssh [::]:* LISTEN 757/sshd tcp6 0 0 ip6-localhost:953 [::]:* LISTEN 1070/named iptables Code: root@sunucu:~# iptables -L Chain INPUT (policy DROP) target prot opt source destination DROP tcp -- anywhere 127.0.0.0/8 ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere DROP all -- base-address.mcast.net/4 anywhere PUB_IN all -- anywhere anywhere PUB_IN all -- anywhere anywhere PUB_IN all -- anywhere anywhere PUB_IN all -- anywhere anywhere DROP all -- anywhere anywhere Chain FORWARD (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED DROP all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination PUB_OUT all -- anywhere anywhere PUB_OUT all -- anywhere anywhere PUB_OUT all -- anywhere anywhere PUB_OUT all -- anywhere anywhere Chain INT_IN (0 references) target prot opt source destination ACCEPT icmp -- anywhere anywhere DROP all -- anywhere anywhere Chain INT_OUT (0 references) target prot opt source destination ACCEPT icmp -- anywhere anywhere ACCEPT all -- anywhere anywhere Chain PAROLE (15 references) target prot opt source destination ACCEPT all -- anywhere anywhere Chain PUB_IN (4 references) target prot opt source destination ACCEPT icmp -- anywhere anywhere icmp destination-unreachable ACCEPT icmp -- anywhere anywhere icmp echo-reply ACCEPT icmp -- anywhere anywhere icmp time-exceeded ACCEPT icmp -- anywhere anywhere icmp echo-request PAROLE tcp -- anywhere anywhere tcp dpt:ftp-data PAROLE tcp -- anywhere anywhere tcp dpt:ftp PAROLE tcp -- anywhere anywhere tcp dpt:ssh PAROLE tcp -- anywhere anywhere tcp dpt:smtp PAROLE tcp -- anywhere anywhere tcp dpt:domain PAROLE tcp -- anywhere anywhere tcp dpt:www PAROLE tcp -- anywhere anywhere tcp dpt:pop3 PAROLE tcp -- anywhere anywhere tcp dpt:imap2 PAROLE tcp -- anywhere anywhere tcp dpt:https PAROLE tcp -- anywhere anywhere tcp dpt:imaps PAROLE tcp -- anywhere anywhere tcp dpt:pop3s PAROLE tcp -- anywhere anywhere tcp dpt:mysql PAROLE tcp -- anywhere anywhere tcp dpt:http-alt PAROLE tcp -- anywhere anywhere tcp dpt:tproxy PAROLE tcp -- anywhere anywhere tcp dpt:webmin ACCEPT udp -- anywhere anywhere udp dpt:domain ACCEPT udp -- anywhere anywhere udp dpt:mysql DROP icmp -- anywhere anywhere DROP all -- anywhere anywhere Chain PUB_OUT (4 references) target prot opt source destination ACCEPT all -- anywhere anywhere Chain fail2ban-courierimap (0 references) target prot opt source destination RETURN all -- anywhere anywhere Chain fail2ban-courierpop3 (0 references) target prot opt source destination RETURN all -- anywhere anywhere Chain fail2ban-courierpop3s (0 references) target prot opt source destination RETURN all -- anywhere anywhere Chain fail2ban-sasl (0 references) target prot opt source destination Chain fail2ban-ssh (0 references) target prot opt source destination RETURN all -- anywhere anywhere 1- on the Ubuntu server? 2- Does your router forward the ports to the correct server? 1- Yes Ubuntu server. 2- Yes correct server
tcp 0 248 sunucu.siberbilgisa:ssh 192.168.2.138:52647 ESTABLISHED 30669/0 . I could not understand it Ubuntu server local ip : 192.168.2.250 Other server debian : 192.168.2.200 no problem port. add : 192.168.2.138 my pc ip
System information as of Wed Dec 7 17:52:54 EET 2011 System load: 1.49 Processes: 292 Usage of /: 4.5% of 145.50GB Users logged in: 0 Memory usage: 46% IP address for eth0: 192.168.2.250 Swap usage: 0% -------------------------------------------------------------------------- vi /etc/network/interfaces # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface auto eth0 iface eth0 inet static address 192.168.2.250 netmask 255.255.255.0 network 192.168.2.0 broadcast 192.168.2.255 gateway 192.168.2.1 ~ --------------------------------------------------- vi /etc/hosts 127.0.0.1 localhost.localdomain localhost 192.168.2.250 sunucu.siberbilgxxxxx sunucu # The following lines are desirable for IPv6 capable hosts ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters
Firewall - Basic - Add Firewall record --- testing and problem in progress. Remove firewall record again problem in progress. No change
I have two servers at the same place. Different cable and router port try and no change. Other server debian 6 no problem.
Thank you very much. http://www.howtoforge.com/perfect-server-opensuse-12.1-x86_64-with-nginx-ispconfig-3 installing now. Let's see what will happen
Open suse installed and worked. After installed ubuntu again. I could not understand but is working now. running smoothly . Thanks again.
