LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Bazaar (bzr) port (4155) is open or closed? (https://www.linuxquestions.org/questions/linux-networking-3/bazaar-bzr-port-4155-is-open-or-closed-4175422374/)

vichor 08-16-2012 05:10 AM
Bazaar (bzr) port (4155) is open or closed?
 
Hi all,

I have a small bazaar (bzr) server at home, just for fun. In my LAN, I can with no problem download/upload branches from/to the server.

Yesterday I decided to open the port to be able to access the repository from my office, so I changed my router configuration to open the port and checked my server's iptables and so on. Even I created a script to email me my public IP when changed (and this works! :)).

Well, my knowledge on networking is quite limited, so I just used the router's web to open the port (in fact, I already opened it when I created the server months ago, but I didn't remember this), and used Firestarter on the server to set up its iptables.

Checking with nmap, the port is reported as open in my server if using the local IP (192.168.blahblah), but reported as closed when using public IP.

Besides, if I try a bzr command, it works using the local IP address, but again it does not work with the public IP.

Testing also telnet over port 4155 (bzr's default) does not work with public IP.

But, when checking port availability through this web, it is reported as open.

So, the port is actually open or closed? I assume the answer is "closed. In this case, which is the problem and how may I fix it?

Thanks!!

frankbell 08-16-2012 08:09 PM
The first question that comes to me is this: Is port forwarding configured in the router to forward incoming calls on that port to the bzr server?

vichor 08-17-2012 01:08 AM
I think I configured the port forwarding in the router. I assigned the port 4155 to the server's address using the NAT configuration web interface of the router. Anyway, I will double check this this afternoon at home.

vichor 08-17-2012 01:56 PM
OK I have checked the router's iptables and filtering about 4155 port I see this:

Chain USERFORWARD (1 references)
target prot opt source destination
...
ACCEPT udp -- anywhere 192.168.1.111 udp dpt:4155
ACCEPT tcp -- anywhere 192.168.1.111 tcp dpt:4155
...

There is no other rule regarding the 4155 port.

Is this a proper port forwarding?
Of course, 192.168.1.111 is the address of the server.

vichor 08-18-2012 02:55 PM
More details about the router's iptables:

Code:
# iptables -nvL -t nat
Chain PREROUTING (policy ACCEPT 4466 packets, 305K bytes)
 pkts bytes target    prot opt in    out    source              destination   
...
    0    0 DNAT      tcp  --  ppp0  *      0.0.0.0/0            0.0.0.0/0          tcp dpt:4155 to:192.168.1.111
    0    0 DNAT      udp  --  ppp0  *      0.0.0.0/0            0.0.0.0/0          udp dpt:4155 to:192.168.1.111
So the prerouting chain is there. And checking the Forward rule:

Code:
# iptables -nvL
Chain FORWARD (policy ACCEPT 120K packets, 13M bytes)
 pkts bytes target    prot opt in    out    source              destination       
...
 168K  207M USERFORWARD  all  --  ppp0  *      0.0.0.0/0            0.0.0.0/0         
...
    0    0 DROP      all  --  ppp0  *      0.0.0.0/0            0.0.0.0/0         

Chain USERFORWARD (1 references)
 pkts bytes target    prot opt in    out    source              destination       
...
    0    0 ACCEPT    udp  --  ppp0  *      0.0.0.0/0            192.168.1.111      udp dpt:4155
    0    0 ACCEPT    tcp  --  ppp0  *      0.0.0.0/0            192.168.1.111      tcp dpt:4155
...
It seems that the port forwarding is there :S

Do the order of the rules have something to do? Is it possible for a previous rule to be forbidding the connection?


All times are GMT -5. The time now is 06:25 AM.