How do I enable tcp incoming port

[pcarver]

Hello. You folks have helped me out many times before, I hope you can again. I'm setting up Tomcat and should be able to telnet to port 8007 for testing. I can do this on computer A fine. I run netstat -a and see:

tcp 0 0 *:8007 *:* LISTEN

And I can telnet into this port. Cool. But on computer B, I can't telnet (connection refused) and I don't see this port using netstat. How do I enable port 8007 for incoming tcp? On computer B, I don't have a filewall and my ipchains is:

Chain input (policy ACCEPT):
Chain forward (policy ACCEPT):
Chain output (policy ACCEPT):

Neither computer has anything (from what I can tell) about port 8007 in /etc/services.

Any ideas? /paul

 

[marsd]

Umm..Okay your server is what you need to worry about
with firewalling rules. Check the tomcat serving box
for any PF rules, and then the tomcat/server acls.

 

[ifincham]

Hi,

Like marsd says, you wouldn't expect to see a listening connection on port 8007. Its box A that is listening for connections.

If B is a linux box you could always run nmap against box A to see if port 8007 is shown as open.

nmap -sS -O 127.0.0.1 (change 127.0.0.1 to the IP of box A)

Regards

 

[pcarver]

Well, maybe I mis-commuicated the problem. Computers A and B are not talking to each other. I already have tomcat running on computer A and just want to bring up a duplicate system...computer B. Stuff works on computer A, but not computer B and I can't figure out why.

Computer A's netstat shows that port 8007 is in LISTEN state. Maybe this is done by tomcat...bottom line is that I can't figure out why on computer A I can telnet to port 8007, but on computer B, it gives me "connection refused".

BTW...I'm running Redhat linux 7.1, but don't seem to have an nmap binary and don't know anything about PF.

/paul

 

[marsd]

Ideally, just duplicating the first machines software
environment on B would accomplish this.
Same packages, same config, etc...
If the install is already done and you do not want to redo
it make sure that all packages installed on A are installed
on B, that all running services on A are also running on B, etc..
In this case where the problem is undefined , basically
a "It doesn't work.." type thing, you need to give your
self a model (machine A) and see where you have it wrong
by comparison.

BTW
PF=packet filter.
nmap=portscanner/security tool

 

[ifincham]

Hi,

Hmmm ... thats obviously different. It certainly sounds to me like there is nothing listening on port 8007 on box B. You should be getting something like this in your logs :

2001-12-01 14:23:30 - Http10Interceptor: Starting on 8080
2001-12-01 14:23:30 - Ajp12Interceptor: Starting on 8007
2001-12-01 14:23:30 - Ajp13Interceptor: Starting on 8009

You can double-check on listeners with 'lsof' (must be as root) :

/usr/sbin/lsof -i TCP:8007

Do you get anything on

http://localhost:8080

?

I can only suggest you copy the configs from box A and/or go through the documenation at -->

http://jakarta.apache.org/tomcat/

.

Incidentally, if you want nmap on redhat 7.1 just download and install the following two 'powertools' rpms :

http://www.mirror.ac.uk/sites/ftp.r...ls/i386/RedHat/RPMS/nmap-2.54BETA7-3.i386.rpm

http://www.mirror.ac.uk/sites/ftp.r...edHat/RPMS/nmap-frontend-2.54BETA7-3.i386.rpm

You run the gui (frontend) one as root from an X window as 'nmapfe &' .

Hope this helps