On Sat, 10 Aug 2024 16:08:50 -0500
Richard Shaw <hobbes1069@gmail.com> wrote:

> On Sat, Aug 10, 2024 at 3:43 PM Samuel Sieb <samuel@sieb.net> wrote:
>
> > On 8/10/24 1:07 PM, Richard Shaw wrote: 
> > > I'm attempting to run a service on port 443 but no matter what I do,
> > > nmap reports the port is closed. Both systems are Fedora 40.
> > >
> > > On the server:
> > > # firewall-cmd --add-service=https
> > > success
> > > # firewall-cmd --runtime-to-permanent
> > > success
> > > # firewall-cmd --reload
> > > success
> > > # firewall-cmd --list-services
> > > cockpit dhcpv6-client http https mqtt mqtt-tls postgresql ssh
> > >
> > > On my desktop:
> > > $ nmap -p 443 <IP address>
> > > Starting Nmap 7.95 ( https://nmap.org <https://nmap.org> ) at 
> > 2024-08-10 
> > > 15:03 CDT
> > > Nmap scan report for r2d2.localdomain (<IP Address>)
> > > Host is up (0.00038s latency).
> > >
> > > PORT    STATE  SERVICE
> > > 443/tcp closed https 
> >
> > That means it's open from the firewall side, but nothing is listening on
> > the port.
> > 
>
> Which is interesting because `ss -tapn` shows otherwise and the log for
> mosquitto agrees:
>
> 1723324003: Config loaded from /mosquitto/config/mosquitto.conf.
> 1723324003: Opening ipv4 listen socket on port 1883.
> 1723324003: Opening ipv6 listen socket on port 1883.
> 1723324003: Opening ipv4 listen socket on port 8883.
> 1723324003: Opening websockets listen socket on port 443.
> 1723324003: mosquitto version 2.0.18 running
> --

And does it also listen on the external interface, and not just on the loopback?