Hello all,
I have problem with opening port in firewalld on Centos 7.
Situation:
I have server Alfa on which i run tomcat and i configured jmx port to get data about java on port 9999.
Now, on server Beta, i set up docker container with jmx-scraper image to scrape the data about tomcat on server Alfa ( configured to read data from port 9999 on server Alfa). Problem is that the scraper cannot access the port 9999 when firewall is started on server Alfa. When i stop firewall, then scpraping is happening fine.
Firewall details:
Code:
firewall-cmd --zone=public --list-ports --permanent
10051/tcp 10050/tcp 80/tcp 443/tcp 8080/tcp 9100/tcp 9999/udp 9999/tcp
Code:
firewall-cmd --get-active-zones
public
interfaces: eth0
Code:
firewall-cmd --zone=public --list-all --permanent
public
target: default
icmp-block-inversion: no
interfaces:
sources:
services: dhcpv6-client ssh
ports: 10051/tcp 10050/tcp 80/tcp 443/tcp 8080/tcp 9100/tcp 9999/udp 9999/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
Code:
netstat -plaunt | grep 9999
tcp 0 0 0.0.0.0:9999 0.0.0.0:* LISTEN 23434/java
I tried to interfere with direct mode, but it also doesnt seem to help. Iptables service is disabled.
Logs from container:
Code:
SEVERE: JMX scrape failed: java.rmi.ConnectIOException: Exception creating connection to: <server Alfa>; nested exception is:
java.net.NoRouteToHostException: No route to host (Host unreachable)
When i stop firewall on server alfa, it immediately starts to work..