I have a Ubuntu 16.04 VM and when I run curl http://192.168.254.42
(the eth0 IP address) it quickly replies with connection refused. However, the server is definitely listening on 0.0.0.0
and can be accessed by other computers on the network using that same address in the browser. curl http://192.168.254.1
returns the html of my router admin page.
Of course this wouldn't normally be a blocker, but this also means that VPN clients connected to the server cannot access the server itself using the eth0 IP address (which clients on the network use). I've never run into this problem before, and Google brings up the obvious "listening on localhost", which isn't the case here.
I can ping the eth0 ip address from the terminal (i.e. ping itself) and it responds properly. A traceroute from a VPN client also looks correct. But accessing the http://192.168.254.42 immediately responds with connection refused.
Here is netstat -tulpn
output.
$ netstat -tulpn | grep :80
tcp6 0 0 :::80 :::* LISTEN 5724/index-lib
$ netstat -tulpn | grep :85
tcp6 0 0 :::85 :::* LISTEN 1212/server.js
$ netstat -tulpn | grep :81
tcp6 0 0 :::81 :::* LISTEN 1515/apache2
Setting it to Port 86 works. And another NodeJS server is running on port 85 as well and can be accessed just fine. So it's not a problem with the NodeJS side of things.
Old info
The webserver is a single NodeJS v10.16.3 HTTP server instance listening on 0.0.0.0
.
Listening on 192.168.254.42
does not work either.
More importantly, an Apache webservice listening on port 81 can be accessed just fine.
Chrome says ERR_CONNECTION_FAILED
, but it does it almost instantly.
No iptables rules are set.
A NodeJS process is listening on Port 85 and can be accessed in the same manner.
Here is netstat -tulpn
output.
$ netstat -tulpn | grep :80
tcp6 0 0 :::80 :::* LISTEN 5724/index-lib
$ netstat -tulpn | grep :85
tcp6 0 0 :::85 :::* LISTEN 1212/server.js
$ netstat -tulpn | grep :81
tcp6 0 0 :::81 :::* LISTEN 1515/apache2
The command I am using to check this is
$ curl http://192.168.254.42
curl: (7) Failed to connect to 192.168.254.42 port 80: Connection refused
Port 81 and 85 return expected HTML.
Setting it to listen on port 86 makes it accessible! So it's not on the NodeJS side, I don't think.
I don't have the rep to post a comment asking for clarification so I'm just going to take a punt at the answer. You're talking about what IP address your node app is listening on however I've never had to configure this in any of my node apps. I'm guessing you have code that looks something like this:
Both the port and ip here are optional so if you want to listen on port 80 then just ditch both of them. If you're listening on a different port ditch the IP and let Node figure it out.
You mentioned an Apache server on 81, I'm presuming that you are attempting to connect to Node directly and you're not going through Apache to get to Node.
If the above doesn't help post the relevant code from your node app,
cat /etc/hosts
, andsudo netstat -tulpn
. If you're going via Apache then post the relevant Apache configs as well (i.e. the virtual host entry in/etc/apache2/sites-enabled/
).I found this line in
/etc/rc.local
.iptables -t nat -A OUTPUT -o lo -p tcp --dport 80 -j REDIRECT --to-port 8080
Problem found!
This answer says why the rule did not show up in
iptables -L
: https://serverfault.com/a/685948/32875.