Question

[Ubuntu]: Can't open any port

Posted October 23, 2014 7.3k views

I followed the following guide:

https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-using-ip-tables-on-ubuntu-12-04

and tried to open port 80, but I still have nothing open or listening:

netstat -plunt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      1051/mysqld     
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      965/sshd        
tcp6       0      0 :::22   

The strangest thing is that I could connect to the server yesterday and today it isn’t working anymore and the only thing I changed was to add a DNS entry on Digital Ocean.

Could this have anything to do with it?

I tried even to disable any protection with the following commands:

$ sudo iptables -X
$ sudo iptables -t nat -F
$ sudo iptables -t nat -X
$ sudo iptables -t mangle -F
$ sudo iptables -t mangle -X
$ sudo iptables -P INPUT ACCEPT
$ sudo iptables -P FORWARD ACCEPT
$ sudo iptables -P OUTPUT ACCEPT

but still only port 22 is accessible. What could be the reason for this?

2 comments
  • Why have a firewall in the first place?

    Your running daemons could still get exploited?

    Make sure you know what you have running and on what ports. Secure those daemons, which would be much better than implementing a firewall to allow traffic only to certain ports which are in essence the only ports that are actually being used anyway!

  • netstat -plunt will only list ports that something is actively listening on. Do you have a web server listening on port 80? Is Apache or Nginx installed?

1 answer

netstat -plunt should show you that the web server is trying to listen on port 80 even if it is blocked by the firewall. Make sure the server is running. If it’s Apache, run:

service apache2 start

If it’s Nginx, then:

service nginx restart
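
The point made in the comment and the answer above is that opening a port in iptables does not create a listener. As an added example that is not part of the original thread, the sketch below classifies a port from `netstat -plunt` output; the function names `classify_port` and `sample_netstat` are hypothetical, and the sample output is constructed from the two complete lines in the question.

```shell
#!/bin/sh
# Added example, not from the thread. Reads `netstat -plunt` output on stdin
# and prints one of:
#   none     - nothing listens on the port: start/fix the service, the firewall is not the cause
#   loopback - a service listens on 127.0.0.1/::1 only: unreachable remotely whatever iptables says
#   exposed  - a service listens on a non-loopback address: now the firewall rules are worth checking
classify_port() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            addr = $4
            n = split(addr, parts, ":")          # port is the last ":"-separated field
            if (parts[n] != port) next
            # host is everything before the final ":port" (handles ":::22" and "::1:80")
            host = substr(addr, 1, length(addr) - length(parts[n]) - 1)
            if (host == "127.0.0.1" || host == "::1") {
                if (state == "") state = "loopback"
            } else {
                state = "exposed"                # any non-loopback bind wins
            }
        }
        END { print (state == "" ? "none" : state) }
    '
}

# Constructed sample input, modelled on the output posted in the question.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      1051/mysqld
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      965/sshd
EOF
}

# Demonstration on the sample; on a live host use: sudo netstat -plunt | classify_port 80
for p in 22 80 3306; do
    printf 'port %s: %s\n' "$p" "$(sample_netstat | classify_port "$p")"
done
```

On the sample, port 80 comes back as `none`, which matches the situation in the question: flushing iptables cannot help until a web server is actually running.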