Sorry, but I use Linux on desktop and I’m testing on server.
I have only installed the Debian 9 droplet and installed Vesta. Then I installed ufw and added it to iptables. Only that.
The vestacp firewall (web version) shows port 443 open.
To allow outgoing connections … how is it done? With ufw?
I can ping all ports except 443. The IP is this: 174.138.39.157
I think the main problem is that at some point that port is closed. I don’t know if it’s the operating system, apache, vestacp … I don’t know :(
Forgive me my ignorance. And my English too, I am Spanish.
Thank you very much!
telnet localhost 443
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused
iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
f2b-sshd tcp -- anywhere anywhere multiport dports ssh
fail2ban-SSH tcp -- anywhere anywhere tcp dpt:ssh
fail2ban-VESTA tcp -- anywhere anywhere tcp dpt:5600
fail2ban-MAIL tcp -- anywhere anywhere multiport dports smtp,urd,submission,2525,pop3,pop3s,imap2,imaps
fail2ban-FTP tcp -- anywhere anywhere tcp dpt:ftp
fail2ban-VESTA-ADMIN tcp -- anywhere anywhere tcp dpt:5600
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- 10.10.0.5 anywhere
ACCEPT all -- 174.138.39.157 anywhere
ACCEPT all -- localhost anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT tcp -- anywhere anywhere tcp dpt:5600
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere multiport dports ftp,12000:12100
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT tcp -- anywhere anywhere multiport dports smtp,urd,submission,2525
ACCEPT tcp -- anywhere anywhere multiport dports pop3,pop3s
ACCEPT tcp -- anywhere anywhere multiport dports imap2,imaps
ACCEPT tcp -- anywhere anywhere multiport dports mysql,postgresql
DROP tcp -- anywhere anywhere tcp dpt:8083
ACCEPT icmp -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain f2b-sshd (1 references)
target prot opt source destination
REJECT all -- 134.209.115.206 anywhere reject-with icmp-port-unreachable
REJECT all -- pool-68-9-123-181.telecel.com.py anywhere reject-with icmp-port-unreachable
REJECT all -- 222.186.180.17 anywhere reject-with icmp-port-unreachable
REJECT all -- 121.162.131.223 anywhere reject-with icmp-port-unreachable
RETURN all -- anywhere anywhere
Chain fail2ban-FTP (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain fail2ban-MAIL (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain fail2ban-SSH (1 references)
target prot opt source destination
REJECT all -- 134.209.115.206 anywhere reject-with icmp-port-unreachable
REJECT all -- pool-68-9-123-181.telecel.com.py anywhere reject-with icmp-port-unreachable
REJECT all -- 222.186.180.17 anywhere reject-with icmp-port-unreachable
REJECT all -- 121.162.131.223 anywhere reject-with icmp-port-unreachable
RETURN all -- anywhere anywhere
Chain fail2ban-VESTA (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain fail2ban-VESTA-ADMIN (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain vesta (0 references)
target prot opt source destination
nmap 174.138.39.157
Starting Nmap 7.40 ( https://nmap.org ) at 2019-10-18 10:12 UTC
Nmap scan report for 174.138.39.157
Host is up (0.000014s latency).
Not shown: 985 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
110/tcp open pop3
143/tcp open imap
465/tcp open smtps
587/tcp open submission
993/tcp open imaps
995/tcp open pop3s
2525/tcp open ms-v-worlds
3306/tcp open mysql
8080/tcp open http-proxy
8443/tcp open https-alt
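One way to tell "the firewall blocks the port" apart from "nothing is listening on it", the situation in the outputs above where iptables accepts https but the telnet to localhost:443 is refused. This is an added example, not part of the original posts: the rule and listener samples are constructed, the function names are hypothetical, and it assumes saved output of `iptables -L INPUT -n` and `ss -ltn`. It only understands single-port TCP `dpt:` rules and otherwise falls back to the chain policy.

```shell
#!/bin/sh
# Constructed sample of `iptables -L INPUT -n`, modelled on the post above.
sample_rules() {
cat <<'EOF'
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:443
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:80
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:8083
EOF
}
# Constructed sample of `ss -ltn`: note that nothing listens on 443.
sample_listeners() {
cat <<'EOF'
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     0.0.0.0:22          0.0.0.0:*
LISTEN  0       128     0.0.0.0:80          0.0.0.0:*
LISTEN  0       128     [::]:8443           [::]:*
EOF
}
# Print the target of the first TCP rule matching dpt:PORT, else the policy.
firewall_verdict() {  # $1 = port; rules on stdin
  awk -v p="$1" '
    /^Chain INPUT/ { gsub(/[()]/, ""); policy = $4; next }
    $1 ~ /^(ACCEPT|DROP|REJECT)$/ && $2 == "tcp" {
      for (i = 3; i <= NF; i++)
        if ($i == ("dpt:" p)) { print $1; found = 1; exit }
    }
    END { if (!found) print policy }'
}
# Succeed if some socket is in LISTEN state on PORT (IPv4 or IPv6).
is_listening() {  # $1 = port; ss output on stdin
  awk -v p="$1" '$1 == "LISTEN" { n = split($4, a, ":"); if (a[n] == p) ok = 1 }
                 END { exit ok ? 0 : 1 }'
}
# Combine both views into one diagnosis for PORT.
diagnose() {  # $1 = port
  fw=$(sample_rules | firewall_verdict "$1")
  if sample_listeners | is_listening "$1"; then svc=up; else svc=down; fi
  case "$fw/$svc" in
    ACCEPT/up)   echo "ok" ;;
    ACCEPT/down) echo "service-down" ;;
    */up)        echo "firewall-blocked" ;;
    *)           echo "firewall-blocked-and-service-down" ;;
  esac
}
for port in 443 80 8443; do echo "$port $(diagnose "$port")"; done
```

On a live host, replace the two sample functions with the real command output. A "service-down" result for 443 means the web server's TLS listener needs attention, not the firewall rules.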
You don’t give a lot of information, but let’s have a think about these:
Hope this helps you a bit
hi