
How to allow a port on firewalld?


I am studying Docker.

I'm using SSH on my local PC (Windows) to connect to my server PC (Ubuntu).

On the server PC, I pulled the nginx image from Docker Hub and ran it with the port option.

{server}@{server}:~$ docker run -itd --name test -p 32769:80 nginx:latest 

This is the Docker process status.

{server}@{server}:~$ docker ps -a
CONTAINER ID   IMAGE            COMMAND               CREATED          STATUS                PORTS                                         NAMES
687b709f8675   nginx:latest  "/docker-entrypoint.…"   50 minutes ago   Up 50 minutes  0.0.0.0:32769->80/tcp, :::32769->80/tcp               test 

I also checked the port status with this command:

{server}@{server}:~$ netstat -ntlp | grep 32769
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
tcp        0      0 0.0.0.0:32769           0.0.0.0:*               LISTEN      -
tcp6       0      0 :::32769                :::*                    LISTEN      -     

On my local PC, I tried to access port 32769 on the server PC, but it didn't work.

In Chrome, I tried to connect to "http://{server_ip}:32769/". It failed.

And in cmd, I tried this command.

C:{local_path}>tcping {server_ip} 32769
Probing {server_ip}:32769/tcp - No response - time=2003.578ms
Probing {server_ip}:32769/tcp - No response - time=2007.065ms  

So I thought this problem was about the firewall, and on the server PC I stopped firewalld.

{server}@{server}:~$ sudo systemctl stop firewalld 

After stopping firewalld, the connection succeeded.

But here is my question. As far as I know, if I add options to firewalld to allow the connection, the connection should succeed. In my case, it didn't work. Here are my commands to add the option to firewalld.

{server}@{server}:~$ firewall-cmd --permanent --add-port=32769/tcp
{server}@{server}:~$ firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: enp3s0
sources:
services: dhcpv6-client ssh
ports: 32769/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:  
{server}@{server}:~$ sudo systemctl start firewalld

But the connection failed. Please help me. I don't want to solve this problem just by shutting down firewalld entirely. I want to use firewalld and allow connections to a specific port. What is wrong with my commands?
