Connection refused to port

[mikelynch229]

I am having an issue connecting to jboss/tomcat running on port 8080. This is a new VPS running CentOS on xen and has never worked on this host. I can connect to the port from the console but not from external.

Following are the results for netstat -nlp showing that the port is being listened to:

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:3873 0.0.0.0:* LISTEN 1660/java
tcp 0 0 127.0.0.1:8009 0.0.0.0:* LISTEN 1660/java
tcp 0 0 0.0.0.0:43498 0.0.0.0:* LISTEN 1660/java
tcp 0 0 127.0.0.1:1098 0.0.0.0:* LISTEN 1660/java
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 1376/mysqld
tcp 0 0 127.0.0.1:1099 0.0.0.0:* LISTEN 1660/java
tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN 1660/java
tcp 0 0 127.0.0.1:8083 0.0.0.0:* LISTEN 1660/java
tcp 0 0 0.0.0.0:49493 0.0.0.0:* LISTEN 1660/java
tcp 0 0 0.0.0.0:56249 0.0.0.0:* LISTEN 1660/java
tcp 0 0 127.0.0.1:4444 0.0.0.0:* LISTEN 1660/java
tcp 0 0 127.0.0.1:8093 0.0.0.0:* LISTEN 1660/java
tcp 0 0 127.0.0.1:4445 0.0.0.0:* LISTEN 1660/java
tcp 0 0 127.0.0.1:4446 0.0.0.0:* LISTEN 1660/java
tcp 0 0 :::80 :::* LISTEN 1019/httpd
tcp 0 0 :::22 :::* LISTEN 941/sshd
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node PID/Program name Path
unix 2 [ ACC ] STREAM LISTENING 4031 1376/mysqld /var/lib/mysql/mysql.sock
unix 2 [ ACC ] STREAM LISTENING 2466 919/dbus-daemon /var/run/dbus/system_bus_socket


Here is the listing of my iptable configuration showing ports 22, 80 and 8080 are open:

Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- mclane.vps.spry.com anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:webcache
ACCEPT udp -- anywhere anywhere udp dpt:ssh
ACCEPT udp -- anywhere anywhere udp dpt:http
ACCEPT udp -- anywhere anywhere udp dpt:webcache
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
DROP udp -- anywhere anywhere
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain PREROUTING (policy ACCEPT)
target prot opt source destination

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination



From the console command line I can connect successfully using #>telnet localhost 8080
I can also connect to port 80 remotely.

When I try to telnet remotely I get connection refused.

Is there a setting in a configuration file that I am missing somewhere?

Thanks...

Mike

[chriss]

Quote:

Originally Posted by mikelynch229

From the console command line I can connect successfully using #>telnet localhost 8080
I can also connect to port 80 remotely.

When I try to telnet remotely I get connection refused.

I'm not familiar with this software, but

Code:

tcp        0      0 127.0.0.1:8080              0.0.0.0:*         LISTEN      1660/java

this line indicates that port 8080 is bound to the loopback interface, which is why you can only connect from localhost and

Code:

tcp        0      0 :::80                       :::*              LISTEN      1019/httpd

this line indicates that port 80 is listening on any available interface which is why you can connect remotely.

Somewhere you need to configure the software on port 8080 to either listen on your IP address, or the default address (0.0.0.0) so that you see either this:

Code:

tcp        0      0 your.ip.address.here:8080       0.0.0.0:*         LISTEN      1660/java

or this:

Code:

tcp        0      0 0.0.0.0:8080              0.0.0.0:*         LISTEN      1660/java

[GuyPatterson]

You could also have your webserver serve up "127.0.0.1:8080" on "yourdomain.com:80." You'd essentially turn your web-server into a reverse proxy server, kind of.

That might be how the software is intended to run (prevent the need to bind the software to an IP/interface).