Non standard HTTP port on ubuntu

February 23, 2015 1.9k views

I have an Ubuntu droplet

> uname -a
Linux MYHOSTNAME 3.13.0-43-generic #72-Ubuntu SMP Mon Dec 8 19:35:06 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

I am trying to run a ruby webrick command line invocation to bind to port 9191.

> ruby -run -e httpd . -p9191

When I do this I am able to connect to the public IP of the host using curl or telnet from the droplet itself, but not from other hosts.

> curl -X GET http://MYIPADDRESS:9191
curl: (7) Failed to connect to MYIPADDRESS port 9191: Connection refused

If I change the webserver command to port 80

> ruby -run -e httpd . -p80

Then it works. What is different about port 80 in this case? How can I enable HTTP traffic to port 9191 from the outside world.

BTW iptable does not seem to have any rules setup

> iptables -nL
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
1 Answer

By default, that command should bind to the public interface and serve content externally. What's the output of netstat -plunt ? You should see something similar to

# netstat -plunt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:9191            0.0.0.0:*               LISTEN      1389/ruby

This means that the process is listening on all interfaces. If your content is still not available, then your problem will lay somewhere else. If for some reason, the output looks like this:

# netstat -plunt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:9191          0.0.0.0:*               LISTEN      1740/ruby 

Then it is only being served on the localhost. To explicitly make it available publicly, you can pass a bind-address option:

ruby -run -e httpd . -p9191 --bind-address=0.0.0.0
  • Yeah, I have tried the bind address argument before, with it, or without it the output from netstat is the same

    root@MYHOSTNAME:~# netstat -plunt
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
    tcp        0      0 0.0.0.0:9191            0.0.0.0:*               LISTEN      3555/ruby
    

    Again, doing this on port 80 produces a similar result in netstat

    root@MYHOSTNAME:~# netstat -plunt
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
    tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      3592/ruby
    

    But now the server is accessible to the general public. The fact that this seems affected by the chosen port really suggests a firewall in play here, but I'm not familiar enough with the DO stack to know where that might be applied.

Have another answer? Share your knowledge.