Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place! |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
|
04-28-2017, 02:08 PM
|
#1
|
LQ Newbie
Registered: Apr 2017
Posts: 7
Rep: 
|
Issues with CURL
I have curl installed on Linux VM1: 129.146.22.160. I have nginx installed on linux VM2: 129.146.34.164. I am able to SSH from VM1 to VM2. I am able to ping from VM1 to VM2. I have CURL installed on VM1. When I try "curl -verbose 129.146.34.164", I get connection timeout. Below is the console output:
_____
[opc@vm04 ansible]$ curl -verbose 129.146.34.164
* About to connect() to 129.146.34.164 port 80 (#0)
* Trying 129.146.34.164...
* Connection timed out
* Failed connect to 129.146.34.164:80; Connection timed out
* Closing connection 0
curl: (7) Failed connect to 129.146.34.164:80; Connection timed out
[opc@vm04 ansible]$
_____
I am expecting to see the nginx welcome home page when I run curl from VM1.
I see the nginx homepage when I run "curl localhost" on VM2.
Please suggest.
|
|
|
04-28-2017, 02:20 PM
|
#2
|
LQ Guru
Registered: Nov 2008
Location: Pictland
Distribution: Linux Mint 21 MATE
Posts: 8,048
|
Have you checked your firewall settings on VM2 to see if port 80 is blocked externally?
|
|
|
04-28-2017, 02:23 PM
|
#3
|
LQ Newbie
Registered: Apr 2017
Posts: 7
Original Poster
Rep: 
|
How to check that, sorry I am new to Linux...
Here is what I tried on VM2: and looks like the port is fine:
[opc@lb01 ~]$ netstat -an | grep 80 | grep -i listen
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp6 0 0 :::80 :::* LISTEN
unix 2 [ ACC ] STREAM LISTENING 25801 private/tlsmgr
unix 2 [ ACC ] STREAM LISTENING 25804 private/rewrite
unix 2 [ ACC ] STREAM LISTENING 25807 private/bounce
[opc@lb01 ~]$
Using username "opc".
Authenticating with public key "rsa-key-20170424"
Last login: Fri Apr 28 18:58:09 2017 from 67.124.172.254
[opc@lb01 ~]$ lsof -ni tcp:80
[opc@lb01 ~]$ netstat -nat | grep 80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp6 0 0 :::80 :::* LISTEN
[opc@lb01 ~]$
Last edited by pspravin; 04-28-2017 at 02:25 PM.
|
|
|
04-28-2017, 02:53 PM
|
#4
|
LQ Guru
Registered: Jan 2005
Location: USA and Italy
Distribution: Debian testing/sid; OpenSuSE; Fedora; Mint
Posts: 5,524
|
Well, use and check for http input. The machine can be listening on 80, but it can still be blocked.
|
|
|
04-28-2017, 02:59 PM
|
#5
|
LQ Newbie
Registered: Apr 2017
Posts: 7
Original Poster
Rep: 
|
Thanks, I tried this command on VM2 and I dont see "http input". here is the output on VM2: https://gist.github.com/pspravin/5ec...76c0e553e1dae4
I also tried a command I found via google and the output is:
on VM1:
[opc@vm04 ansible]$ </dev/tcp/129.146.34.164/80 && echo Port is open || echo Port is closed
on VM2:
[opc@lb01 ~]$ </dev/tcp/localhost/80 && echo Port is open || echo Port is closed
Port is open
Does that mean I need to open port 80 so it can connect from VM1? If yes, how to do it?
|
|
|
04-28-2017, 03:11 PM
|
#6
|
LQ Guru
Registered: Nov 2008
Location: Pictland
Distribution: Linux Mint 21 MATE
Posts: 8,048
|
On VM1, try:
Code:
sudo nmap -p 80 129.146.34.164
This will show if port 80 on VM2 is open in the eyes of VM1 (although I imagine that it will show it isn't, as per the original curl command).
|
|
|
04-28-2017, 03:14 PM
|
#7
|
LQ Newbie
Registered: Apr 2017
Posts: 7
Original Poster
Rep: 
|
[opc@vm04 ansible]$ sudo nmap -p 80 129.146.34.164
Starting Nmap 6.40 ( http://nmap.org ) at 2017-04-28 20:16 GMT
Nmap scan report for 129.146.34.164
Host is up (0.00034s latency).
PORT STATE SERVICE
80/tcp filtered http
Nmap done: 1 IP address (1 host up) scanned in 0.33 seconds
How can I open port 80 on VM2, so that VM1 can see it?
Last edited by pspravin; 04-28-2017 at 03:16 PM.
|
|
|
04-28-2017, 03:22 PM
|
#8
|
LQ Guru
Registered: Nov 2008
Location: Pictland
Distribution: Linux Mint 21 MATE
Posts: 8,048
|
Ok, back to first principles.
Which virtualisation package are you using? VMWare? VirtualBox? Another?
Which distros (and versions) are you running for VM1 and VM2?
Do you have selinux installed on either VM (run sestatus to find out).
|
|
|
04-28-2017, 03:31 PM
|
#9
|
LQ Newbie
Registered: Apr 2017
Posts: 7
Original Poster
Rep: 
|
Virtual Machines:
Red Hat Enterprise Linux Server release 7.3 (Maipo)
[opc@db01 ~]$ sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 29
|
|
|
04-28-2017, 03:49 PM
|
#10
|
LQ Guru
Registered: Nov 2008
Location: Pictland
Distribution: Linux Mint 21 MATE
Posts: 8,048
|
Ok, thanks.
This guy here - http://stackoverflow.com/questions/3...nd-curl-doesnt - resolved a similar problem by disabling selinux and iptable_filter. It seems a bit over the top, but you could do that and then work backwards to see what is actually preventing the communication.
Given that you're using Red Hat, I assume that you have a licence with them - have you contacted them about this problem?
|
|
|
04-28-2017, 03:51 PM
|
#11
|
LQ Newbie
Registered: Apr 2017
Posts: 7
Original Poster
Rep: 
|
Actually, we are currently piloting Ansible and devops. For that we have pilot cloud instance for few weeks and there is no support involved.
|
|
|
04-28-2017, 03:52 PM
|
#12
|
LQ Guru
Registered: Nov 2008
Location: Pictland
Distribution: Linux Mint 21 MATE
Posts: 8,048
|
Quote:
Originally Posted by pspravin
Actually, we are currently piloting Ansible and devops. For that we have pilot cloud instance for few weeks and there is no support involved.
|
Ok, do you know how to disable selinux? If so, do that for both VMs (to be extra sure), and then try the curl again.
|
|
|
04-28-2017, 06:22 PM
|
#13
|
LQ Guru
Registered: Jan 2005
Location: USA and Italy
Distribution: Debian testing/sid; OpenSuSE; Fedora; Mint
Posts: 5,524
|
Port 80 is not blocked by iptables. So, it must be selinux.
|
|
|
05-01-2017, 12:34 AM
|
#14
|
LQ Newbie
Registered: Apr 2017
Posts: 7
Original Poster
Rep: 
|
selinux seems to be related to security of Linux. Is there any other impact if I turn this off? though this is a test instance, I am trying to be cautious, please suggest.
|
|
|
All times are GMT -5. The time now is 10:34 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|