Score:2

Server

Centos7 machine refusing connection to port

Dr.Tautology

10/5/23, 11:42 PM

I'm trying to make sure that the machine is accepting tcp connections on port 8245, however I am unable to connect.

When I try from an external machine: telnet myhostname.com 8245

I get:

Unable to connect to remote host: Connection refused

I have already added the port on the host machine via firewall-cmd:

sudo firewall-cmd --zone=public --add-port=8245/tcp --permanent
sudo firewall-cmd --reload

And confirmed with:

sudo firewall-cmd --list-ports

8245/tcp 80/tcp 443/tcp

And: sudo iptables -L

Chain IN_public_allow (1 references)

target prot opt source destination

ACCEPT tcp -- anywhere anywhere tcp dpt:8245 ctstate NEW,UNTRACKED

I'm having no issues making telnet connections to ports 80 and 443, so I'm not sure what I'm doing wrong.

2294

1 + 0

linux

centos

linux-networking

Score:2

Server

Adam

10/6/23, 12:03 AM

Your service that is listening on port 8245 is probably not listening on all addresses, maybe only localhost. You can confirm by running netstat -l on the Centos server and checking for the local address with port 8245 and state LISTEN.

+ 6

Dr.Tautology

10/6/23, 12:18 AM

The reason I want this port opened is because I'm having an issue with my noip dynamic update client service that is running. I read that the client uses 80, 443 and 8245. When I look at netstat there is nothing listening on all three of those ports. I thought using telnet is just supposed to tell you if a port is open and doesn't necessarily indicate that a service is actively listening on that port?

Adam

10/6/23, 12:23 AM

telnet will try to connect to whatever is running on the port, if nothing is actually listening on that port then you will get the connection refused message even if the firewall is allowing the incoming connection. As for your dynamic DNS client, that would use an outgoing connection so it doesn't matter what incoming ports are allowed. Check your `iptables -L` OUTPUT chain to see what the default policy is, and if only certain ports are allowed.

Dr.Tautology

10/6/23, 12:41 AM

Thank you, I'm still learning. Here is what my output chain is: ACCEPT all -- anywhere anywhere OUTPUT_direct all -- anywhere anywhere Does this mean that all outbound traffic is being allowed?

Dr.Tautology

10/6/23, 1:20 AM

I'm also confused because netstat doesn't show anything listening on port 80, but I'm still able to telnet to it.

Gerald Schneider

10/6/23, 8:08 AM

`I read that the client uses 80, 443 and 8245` Chances are that the client uses these ports on outbound connections. If that is the case it won't listen on that ports. There is no need for a dyndns client to listen on a port.

Adam

10/6/23, 11:54 AM

If you want to check that your centos server can connect to the no-ip server ports then you want to run telnet from the centos server. You can test port 8245 by running `telnet dynupdate.no-ip.com 8245` from your server. I think you were using telnet backwards before :) You want to run it from your own server, not to it.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Centos7 machine refusing connection to port

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.