I am unable to connect to my webserver on port 80 when not in localhost, on a debian 9 with nginx 1.14.2. I curl the IPv6 address with
curl 'http://[addr]'
And I'm welcomed with
curl: (7) Failed to connect to addr port 80: Connection refused
I have the most basic server configuration :
server {
listen 80;
listen [::]:80;
server_name mywebserver.com www.mywebsever.com; #Those are not the real domain names
root /data/www/;
index index.html;
location / {
}
}
tcptraceroute6 addr 80 gives me the following output, so I'm pretty sure it comes from the server :
traceroute to addr (addr) from addr, port 80, from port 64245, 30 hops max, 60 bytes packets
1 rpi4.home (addr) 0.029 ms [closed] 0.014 ms 0.012 ms
I disabled ufw and reseted my IPtables using :
#!/bin/sh
echo "Flushing iptables rules..."
sleep 1
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
But it is still blocked and tcptraceroute6 displays the same error.
My iptables are as follow (sudo iptables -t nat -nvL):
Chain PREROUTING (policy ACCEPT 5 packets, 850 bytes)
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 1 packets, 67 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 1 packets, 67 bytes)
pkts bytes target prot opt in out source destination
Nginx does run :
● nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2021-12-25 23:09:37 UTC; 1h 7min ago
Docs: man:nginx(8)
Process: 558 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Process: 562 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Main PID: 563 (nginx)
Tasks: 2 (limit: 4915)
Memory: 12.5M
CGroup: /system.slice/nginx.service
├─ 563 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
└─1278 nginx: worker process
Dec 25 23:09:36 rpi4-20210210 systemd[1]: Starting A high performance web server and a reverse proxy server...
Dec 25 23:09:37 rpi4-20210210 systemd[1]: Started A high performance web server and a reverse proxy server.
Unforntunately, after running netstat -ntl, it appears that the server does not listen to port 80 in IPv6 :
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:6011 0.0.0.0:* LISTEN
tcp6 0 0 :::22 :::* LISTEN
tcp6 0 0 ::1:6010 :::* LISTEN
tcp6 0 0 ::1:6011 :::* LISTEN
telnet addr 80 returns :
Trying addr...
telnet: Unable to connect to remote host: Connection refused
I tried adding a rule using ip6tables -P INPUT ACCEPT, ip6tables -P OUTPUT ACCEPT and ip6tables -A INPUT -p tcp --dport 80 -j ACCEPT but it does not seems to work right now. I also dropped all IPv6 rules, no changes.
I consulted the following, to this day none worked :
https://serverfault.com/questions/670575/failed-to-connect-to-127-0-0-1-port-80
https://askubuntu.com/questions/676434/port-80-connection-refused
nginx not listening to port 80
CodePudding user response:
I have couple question which might sound stupid but let's be sure:
- Can you confirm that nginx is running ("systemtl status nginx" - should be active running )
- Can you confirm your server is listening to port 80 (netstat -ntl)
- Did you try to telnet to your server with port 80 ? (telnet addr 80)
- Have you tried to stop Uwf and iptables?
CodePudding user response:
It appears I'm just a bit stupid and really not used to webserver configuration, I missed the configuration of my server, it fell on the default nginx server, which is sadly only listening on port 80 on IPv4. Just another dumb mistake, warm thanks for @Petros, who set me om the right tracks.