Score:0

OVH VPS ports not modified. Where are those rules set?

I have a problem with a VPS ports config (on ovh.com).

  • I set up Debian 10 and updated it.
  • I didn't install any firewall software.
  • OVH infrastructure is protected by a global firewall, but on my panel it's shown as disabled and there are no rules applied.
  • Default ports work fine (HTTP, TCP, UDP, SSH, FTP, DNS and SSL).

EXAMPLE (FTP)

FTP works just fine on port 21:

client

```
$ ftp XX.XX.XX.XX
Connected to XX.XX.XX.XX.
220 (vsFTPd 3.0.3)
Name (XX.XX.XX.XX:f): NAME
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>
```

If I go to yougetsignal.com, it shows Port 21 is open and Port 2121 is closed.

Then I change the listening port to 2121, and it doesn't connect any more.

server

```
# sudo nano /etc/vsftpd.conf
# changes done: "listening_port=2121"
# sudo service vsftpd restart

$ sudo netstat -tnlp | grep :2121
tcp6   0   0   :::2121   :::*   LISTEN   28582/vsftpd

#rules allow all in
$ sudo iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT

$ sudo ip6tables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
```

client

```
$ ftp
ftp> open XX.XX.XX.XX
ftp: connect: Connection refused
ftp> open XX.XX.XX.XX:2121
ftp: connect: Connection refused
```

If I go to yougetsignal.com, it shows Port 21 is closed and Port 2121 is closed.

Same happens for any other port.

Where else can those rules be defined, since any change I make on ip6tables or iptables seems to do nothing?

UPDATE

As commented by Michael, it was a space, not a colon.

client

```
ftp> open XX.XX.XX.XX 2121
Connected to 51.222.30.108.
220 (vsFTPd 3.0.3)
```

On the other hand, the external test still throws "Closed", and the command commented by vidarlo, `netcat -lp 2121`, returns `Can't grab 0.0.0.0:2121 with bind`.

Michael Hampton
There should be a space between the host and port, not a colon. See the man page.
vidarlo
In addition, it's often easier to fault find using `netcat`. Fire up `netcat -lp 2121` and it will dutifully listen on port 2121 on all interfaces. This removes complex software from the mix, and allows you to trivially establish if the problem is in the network layer or your configuration.
Fahed
I updated the question, @vidarlo. Does that mean there is an error?
vidarlo
@Fahed It means the port is *probably* in use. `netstat -tlnp | grep 2121` should show you.
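
The checks discussed in the comments, as an added Python example that is not part of the original thread: it separates "port already in use" (the netcat bind failure) from "connection refused" and from a silently filtered port. The helper names `probe`, `can_bind` and `start_listener` are hypothetical, and the listener on 127.0.0.1 is a constructed stand-in for vsftpd.

```python
import errno
import socket

def probe(host, port, timeout=3.0):
    """Classify one TCP connect attempt, as the ftp client or an external port test would see it."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"        # handshake completed: a service accepted the connection
    except ConnectionRefusedError:
        return "refused"         # a RST came back: nothing listens there, or a REJECT rule answered
    except socket.timeout:
        return "filtered"        # no reply at all: packets are being dropped somewhere on the path
    except OSError as exc:
        return "error:" + errno.errorcode.get(exc.errno, "unknown")

def can_bind(port, host="0.0.0.0"):
    """Same test as `netcat -lp PORT`: False means another process already holds the port."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        sock.bind((host, port))
        return True
    except OSError as exc:
        if exc.errno == errno.EADDRINUSE:
            return False
        raise
    finally:
        sock.close()

def start_listener(host="127.0.0.1"):
    """Constructed stand-in for vsftpd: listen on a free port chosen by the kernel."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((host, 0))
    srv.listen(1)
    return srv, srv.getsockname()[1]

if __name__ == "__main__":
    srv, port = start_listener()
    print("listener up  :", "bind ok" if can_bind(port) else "bind fails (port in use)")
    print("connect      :", probe("127.0.0.1", port))
    srv.close()
    print("listener down:", probe("127.0.0.1", port))
```

Run `probe` from a machine outside the provider's network against the server's address to compare with the external test; a bind failure on the server itself only shows that a process is already listening there.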