I want to open a tcp port (5432) on a mac server to remotely using sql.
I installed psql9.4 using brew.
Initially I tried:
Open /etc/pf.conf in a text editor.
Add a line like this:
pass in proto tcp from any to any port 5432
Save the file.
Load the changes (and test them) with:
sudo pfctl -vnf /etc/pf.conf
Reboot.
I used network utility to check if the port was opened. But no luck.
Then I downloaded IceFloor.
I added custom Rules:
pass on en0 net photo tcp from any to any port =5432 flags S/SA keep state
Also added a new custom service to PFLists Service Database:
service name: PSQL
ports 5432
Still no luck...
Any suggestions?
Thank you
Related
les
I created the instance from boot image.
but always can not open port 7000 via firewall rules...and egress is (allow all), anybody knows where the problem is?
System: Debian 10
ssh in terminal and
sudo natstat -plnt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 458/sshd
tcp6 0 0 :::22 :::* LISTEN 458/sshd
Is there any way to turn the port 7000 on ?
Encoutered the same issue when tring to open other ports like 5678...etc.
First of all you need to set the GCP firewall rule as "ingress".
Ingress is needed to allow incoming connections to the instance.
Regarding the ports, it does not open or activate by itself or in automatic, you need to have a service listening on that port.
However there are some tools used which allows you to activate the port by some time for testing purposes.
You can use tools like iperf3 to activate the port.
Install iperf3 for your vm with the command below.
sudo apt-get install iperf3
Once you have installed iperf3 you need to run the command below. ("-s" indicates your instance is in "server" mode, the "-p" is to set the port you prefer)
iperf -s -p 7000
On your remote machine (Client) you also need to install iperf3, if it is also a linux machine you can try the same command I mentioned earlier.
Once you have installed iperf3 use the below comamnd to reach the VM pointing the port 7000. ("-c" indicates client mode,the "-p" is to set the port the server is listening).
iperf -c [server ip address] -p 7000
Please refer to iperf
Another useful tool is netcat
Using Add rule in windows firewall, I was able to open TCP port 15537. When i am trying to executing command netstat -ano on terminal windows, this port is not listed. I tried to execute telnet command on terminal window (e.g. telnet IP port) but getting
Connecting To localhost...Could not open connection to the host, on port 15537: Connect failed
Then I downloaded PortQry application and execute it from different machine, this machine is also in the same network, the result I received was
"Not Listening".
I already spent more than 2 days and asked internal group but could not find solution.
Note: both machines are having Windows 10 OS.
No solution is needed as no problem is indicated in the question. You have opened a TCP port successfully. You have not made any attempt to cause anything to listen to that TCP port.
It's not clear what results you expected, but you got the results that you should have expected. Nothing is wrong. The port is open because you opened it. Nothing is listening on that port because you didn't set anything to listen on that port.
There may be some forwarding rules? Since the purpose of access is not on the local machine, the netstat command cannot see the port on listening, but it can see the next action based on this port, usually to do some forwarding
I am not very familiar with windows firewall configuration, but I know that if there is a forwarding rule in linux, like
-p tcp -m tcp --dport 8080 -j {other forwading chain}
we can not see 8080 listening on this host (netstat -tunpl), but telnet host:8080 may see connected
Use nmap instead of netstat for detecting opening port
nmap -p your_port_number your_local_ip
Run service on that port
For eg- In my case,in order to open port,I use
"service ssh start" or "service apache2 start "and it's open port 22 and 80 for connection respectively in my linux machine.
On using nmap in my lan network both ports opened.
Hope it help
I am currently running a docker machine in local network that its IP & port is 192.168.99.100:8080
right now. I want to connect this machine from somewhere out of the local network and access it, so the best way I found is to NAT the sent request from my laptop computer to docker machine.
In other words, each request that has been sent to my laptop computer will be sent to the docker machine on its own IP and port!
I use pfctl to do this but when I check the port 8585 to find out which service is listening to this port, I can't find anything and it sounds like the requests do not arrive(get to) the destination!
I did as below:
1- csrutil disable
2- my pf role :
/etc/pf.anchors/mazafard:
rdr pass on en0 inet proto tcp from any to 192.168.20.203 port 8585 -> 192.168.99.100 port 8080
3- my pf conf
/etc/pf-mazafard.conf
rdr-anchor "forwarding"
load anchor "forwarding" from "/etc/pf.anchors/mazafard"
and
sudo pfctl -vnf /etc/pf.anchors/mazafard
pfctl: Use of -f option, could result in flushing of rules
present in the main ruleset added by the system at startup.
See /etc/pf.conf for further details.
rdr pass on en0 inet proto tcp from any to 192.168.20.203 port = 8585 -> 192.168.99.100 port 8080
and
sudo pfctl -evf /etc/pf.anchors/mazafard
fctl: Use of -f option, could result in flushing of rules
present in the main ruleset added by the system at startup.
See /etc/pf.conf for further details.
No ALTQ support in kernel
ALTQ related functions disabled
rdr pass on en0 inet proto tcp from any to 192.168.20.203 port = 8585 -> 192.168.99.100 port 8080
pfctl: pf already enabled
and
telnet 192.168.20.203 8585
Trying 192.168.20.203...
telnet: connect to address 192.168.20.203: Operation timed out
telnet: Unable to connect to remote host
My OSX v: 10.11.4
Docker version 1.9.1, build a34a1d5
Boot2Docker version 1.11.0-rc3, build
Is there anyway to bind a program on Mac OS to :80 without root privilege, like on Linux for exemple having user www to be able to do so.
Any ideas ? Thanks
Is your concern that you don't want nginx running as root or that you don't have root access?
Nginx has a user config option which will drop root after binding to the port.
If you don't have root access the best solution I know of on OS X is to use pf to setup ip redirection to a non-priviliged port, however you'll still need to get someone with root access to do this.
The config for pf is stored in /etc/pf.conf - I believe that you can simply add rules to this file and reload pf for them to take effect.
rdr pass inet proto tcp from any to any port 80 -> 127.0.0.1 port 8080
rdr pass inet proto tcp from any to any port 443 -> 127.0.0.1 port 8081
Then reload pf with sudo pfctl -F all -ef /etc/pf.conf and configure nginx to listen on the ports to redirected to.
We have to use port 80 for our server. But when I was trying to use it in Mac, it always said that the 80 is used, but I don't know which program uses it.
I searched it in Google, and someone said it's about apache, but I tried, which is not working. I found this: https://gist.github.com/kujohn/7209628 , but seems it's not working visiting our server by IP address.
I really don't know what's going on and how can I find out which program using port 80 and stop it.
Many thanks if anyone can help, I'm new using Mac. Thanks.
To find out what process is using port 80
go to Applications
open utilities.
open Activity Monitor.
click on the Memory tab,
look at the ports and the processes using them. Find port 80 and select it
go to the view on the menu bar and choose Quit process.
This will just kill the process, it will not stop a server instance that is already running from continuing to run.
(Correction: the Ports column shows the number of open ports (and files?), not the port number)
It is not clear if you are using a database management system or not and which one but one method that has worked for me using MAMP is as follows.
stop the server by using sudo apachectl stop command.
then change the port to port 80.
then restart your servers.
type the following in Terminal
sudo lsof -i -n -P | grep TCP
you will get a list - e.g. dropbox listens on 80
you can copy the output to a text editor, etc to search
On Mac ports below 1024 can only be bound by the root user.
Try launching your server as root user (with sudo), or try to use a port above 1024.
You can also try to add root permissions to your user in /etc/sudoers
# root and users in group wheel can run anything on any machine as any user
root ALL = (ALL) ALL
%admin ALL = (ALL) ALL
your_user_here ALL = (ALL) ALL
I was having this issue, apache was disabled via launchctl, but was still tying up port 80 after launch, I could start up apache and it would work, but after unloading it, I couldn't start up anything on port 80. I was using the built in web server for Python as an easy test. It would work on port 81, but not on port 80.
sudo python -m SimpleHTTPServer 80 -- wouldn't work
sudo python -m SimpleHTTPServer 81 -- would work
Here are the symptoms:
$ launchctl unload -w /System/Library/LaunchDaemons/org.apache.httpd.plist
/System/Library/LaunchDaemons/org.apache.httpd.plist: Could not find specified service
$ sudo lsof -i ':80'
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
Python 3353 root 3u IPv4 0xe455777a82799f05 0t0 TCP *:http (LISTEN)
The fix for me (after way too much searching) was simple:
sudo pfctl -F all
This flushed the packet filter, releasing port 80 (and others I assume 8080, 443, whatever ports apache might be tying up)
After that, and relaunching the python server, it came right up.
Might be Skype that is using port 80. If you have Skype installed and running try to change to a different port in the settings.
Port numbers in the range from 0 to 1023 are classified as 'well-known' and port number 80 is reserved for HTTP. Typically you have servers listening on port 80 to handle HTTP requests.
Source:
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers