I'm attempting to run a service on port 443 but no matter what I do, nmap reports the port is closed. Both systems are Fedora 40.
On the server: # firewall-cmd --add-service=https success # firewall-cmd --runtime-to-permanent success # firewall-cmd --reload success # firewall-cmd --list-services cockpit dhcpv6-client http https mqtt mqtt-tls postgresql ssh
On my desktop: $ nmap -p 443 <IP address> Starting Nmap 7.95 ( https://nmap.org ) at 2024-08-10 15:03 CDT Nmap scan report for r2d2.localdomain (<IP Address>) Host is up (0.00038s latency).
PORT STATE SERVICE 443/tcp closed https
Nmap done: 1 IP address (1 host up) scanned in 0.02 seconds
All other service ports that I've opened work fine, so what's up?
Thanks, Richard
On Sat, 10 Aug 2024 15:07:48 -0500 Richard Shaw hobbes1069@gmail.com wrote:
I'm attempting to run a service on port 443 but no matter what I do, nmap reports the port is closed. Both systems are Fedora 40.
On the server: # firewall-cmd --add-service=https success # firewall-cmd --runtime-to-permanent success # firewall-cmd --reload success # firewall-cmd --list-services cockpit dhcpv6-client http https mqtt mqtt-tls postgresql ssh
On my desktop: $ nmap -p 443 <IP address> Starting Nmap 7.95 ( https://nmap.org ) at 2024-08-10 15:03 CDT Nmap scan report for r2d2.localdomain (<IP Address>) Host is up (0.00038s latency).
PORT STATE SERVICE 443/tcp closed https
Nmap done: 1 IP address (1 host up) scanned in 0.02 seconds
All other service ports that I've opened work fine, so what's up?
Test you (eg. 'netstat -a -n -e -v -p') that you service list on right interface/IP address?
On 8/10/24 1:07 PM, Richard Shaw wrote:
I'm attempting to run a service on port 443 but no matter what I do, nmap reports the port is closed. Both systems are Fedora 40.
On the server: # firewall-cmd --add-service=https success # firewall-cmd --runtime-to-permanent success # firewall-cmd --reload success # firewall-cmd --list-services cockpit dhcpv6-client http https mqtt mqtt-tls postgresql ssh
On my desktop: $ nmap -p 443 <IP address> Starting Nmap 7.95 ( https://nmap.org https://nmap.org ) at 2024-08-10 15:03 CDT Nmap scan report for r2d2.localdomain (<IP Address>) Host is up (0.00038s latency).
PORT STATE SERVICE 443/tcp closed https
That means it's open from the firewall side, but nothing is listening on the port.
On Sat, Aug 10, 2024 at 3:43 PM Samuel Sieb samuel@sieb.net wrote:
On 8/10/24 1:07 PM, Richard Shaw wrote:
I'm attempting to run a service on port 443 but no matter what I do, nmap reports the port is closed. Both systems are Fedora 40.
On the server: # firewall-cmd --add-service=https success # firewall-cmd --runtime-to-permanent success # firewall-cmd --reload success # firewall-cmd --list-services cockpit dhcpv6-client http https mqtt mqtt-tls postgresql ssh
On my desktop: $ nmap -p 443 <IP address> Starting Nmap 7.95 ( https://nmap.org https://nmap.org ) at
2024-08-10
15:03 CDT Nmap scan report for r2d2.localdomain (<IP Address>) Host is up (0.00038s latency).
PORT STATE SERVICE 443/tcp closed https
That means it's open from the firewall side, but nothing is listening on the port.
Which is interesting because `ss -tapn` shows otherwise and the log for mosquitto agrees:
1723324003: Config loaded from /mosquitto/config/mosquitto.conf. 1723324003: Opening ipv4 listen socket on port 1883. 1723324003: Opening ipv6 listen socket on port 1883. 1723324003: Opening ipv4 listen socket on port 8883. 1723324003: Opening websockets listen socket on port 443. 1723324003: mosquitto version 2.0.18 running
Thanks, Richard
On Sat, 10 Aug 2024 16:08:50 -0500 Richard Shaw hobbes1069@gmail.com wrote:
On Sat, Aug 10, 2024 at 3:43 PM Samuel Sieb samuel@sieb.net wrote:
On 8/10/24 1:07 PM, Richard Shaw wrote:
I'm attempting to run a service on port 443 but no matter what I do, nmap reports the port is closed. Both systems are Fedora 40.
On the server: # firewall-cmd --add-service=https success # firewall-cmd --runtime-to-permanent success # firewall-cmd --reload success # firewall-cmd --list-services cockpit dhcpv6-client http https mqtt mqtt-tls postgresql ssh
On my desktop: $ nmap -p 443 <IP address> Starting Nmap 7.95 ( https://nmap.org https://nmap.org ) at
2024-08-10
15:03 CDT Nmap scan report for r2d2.localdomain (<IP Address>) Host is up (0.00038s latency).
PORT STATE SERVICE 443/tcp closed https
That means it's open from the firewall side, but nothing is listening on the port.
Which is interesting because `ss -tapn` shows otherwise and the log for mosquitto agrees:
1723324003: Config loaded from /mosquitto/config/mosquitto.conf. 1723324003: Opening ipv4 listen socket on port 1883. 1723324003: Opening ipv6 listen socket on port 1883. 1723324003: Opening ipv4 listen socket on port 8883. 1723324003: Opening websockets listen socket on port 443. 1723324003: mosquitto version 2.0.18 running --
And does it also listen on the external interface, and not just on the loopback?
On Sat, Aug 10, 2024 at 4:23 PM Franta Hanzlík via users < users@lists.fedoraproject.org> wrote:
On Sat, 10 Aug 2024 16:08:50 -0500 Richard Shaw hobbes1069@gmail.com wrote:
On Sat, Aug 10, 2024 at 3:43 PM Samuel Sieb samuel@sieb.net wrote:
On 8/10/24 1:07 PM, Richard Shaw wrote:
I'm attempting to run a service on port 443 but no matter what I do, nmap reports the port is closed. Both systems are Fedora 40.
On the server: # firewall-cmd --add-service=https success # firewall-cmd --runtime-to-permanent success # firewall-cmd --reload success # firewall-cmd --list-services cockpit dhcpv6-client http https mqtt mqtt-tls postgresql ssh
On my desktop: $ nmap -p 443 <IP address> Starting Nmap 7.95 ( https://nmap.org https://nmap.org ) at
2024-08-10
15:03 CDT Nmap scan report for r2d2.localdomain (<IP Address>) Host is up (0.00038s latency).
PORT STATE SERVICE 443/tcp closed https
That means it's open from the firewall side, but nothing is listening
on
the port.
Which is interesting because `ss -tapn` shows otherwise and the log for mosquitto agrees:
1723324003: Config loaded from /mosquitto/config/mosquitto.conf. 1723324003: Opening ipv4 listen socket on port 1883. 1723324003: Opening ipv6 listen socket on port 1883. 1723324003: Opening ipv4 listen socket on port 8883. 1723324003: Opening websockets listen socket on port 443. 1723324003: mosquitto version 2.0.18 running --
And does it also listen on the external interface, and not just on the loopback?
I have not specified an IP address so it should be listening to all ports. Ports 1883 and 8883 are working.
Thanks, Richard
On 8/10/24 2:33 PM, Richard Shaw wrote:
On Sat, Aug 10, 2024 at 4:23 PM Franta Hanzlík via users <users@lists.fedoraproject.org mailto:users@lists.fedoraproject.org> wrote:
On Sat, 10 Aug 2024 16:08:50 -0500 Richard Shaw <hobbes1069@gmail.com <mailto:hobbes1069@gmail.com>> wrote: > Which is interesting because `ss -tapn` shows otherwise and the log for > mosquitto agrees:
What does the "ss" output show?
> 1723324003: Config loaded from /mosquitto/config/mosquitto.conf. > 1723324003: Opening ipv4 listen socket on port 1883. > 1723324003: Opening ipv6 listen socket on port 1883. > 1723324003: Opening ipv4 listen socket on port 8883. > 1723324003: Opening websockets listen socket on port 443. > 1723324003: mosquitto version 2.0.18 running > -- And does it also listen on the external interface, and not just on the loopback?I have not specified an IP address so it should be listening to all ports. Ports 1883 and 8883 are working.
A lot of applications will only listen on localhost if you don't tell them otherwise for security reasons.
-
Franta Hanzlík -
Richard Shaw -
Samuel Sieb