I have a VPS instance running FreeBSD (on Hetzner). I started nginx on it.
When I am ssh'd into the server, I get a response:
Bash:
$ curl <server-ip-address>
<default nginx response>
However, when I try to connect on my own device:
Bash:
$ curl http://<server-ip-address>
curl: (28) Failed to connect to <server-ip-address> port 80 after 8710 ms: Couldn't connect to server
I have searched on how to fix it, but have thus far not been able to solve it.
Here's some information that might be useful:
- Running
Code:
ifconfig vtnet0
returns
Code:
inet <server-ip-address>
- This IP address is the same address as my VPS provider shows in the server management tool
- My firewall (using pf) (pf.conf)
Code:
## Set public interface ##
ext_if = "vtnet0"
## Set server public IP address
ext_if_ip = "<server-ip-address>"
## Set and drop IP ranges on public interface ##
martians = "{ 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, \
10.0.0.0/8, 169.254.0.0/16, 192.0.2.0/24, \
0.0.0.0/8, 240.0.0.0/4 }"
## Set http (80) and https (443) ports ##
webports = "{http, https}"
## enable services ##
int_tcp_services = "{domain, ntp, smtp, www, https, ftp, ssh}"
int_udp_services = "{domain, ntp}"
## Skip loop back interface ##
set skip on lo
## Sets the interface for which PF should gather statistics such as bytes in/o
set loginterface $ext_if
## Set default policy ##
block return in log all
block out all
# Drop all Non-Routable Addresses
block drop in quick on $ext_if from $martians to any
block drop out quick on $ext_if from any to $martians
## Blocking spoofed packets
antispoof quick for $ext_if
# Allow SSH from any IP address
pass in inet proto tcp to $ext_if port ssh
# Allow Ping-Pong stuff. Be a good sysadmin
pass inet proto icmp icmp-type echoreq
# All access to our Nginx/Apache/Lighttpd Webserver ports
pass proto tcp from any to $ext_if port $webports
# Allow essential outgoing traffic
pass out quick on $ext_if proto tcp to any port $int_tcp_services
pass out quick on $ext_if proto udp to any port $int_udp_services
- Last 2 entries of
Code:
tcpdump -n -e -ttt -r /var/log/pflog
Code:
00:01:06.020635 rule 0/0(match): block in on vtnet0: <some-ip-address (not mine)> > <server-ip-address>: Flags [S], seq 3213013147, win 64240, options [mss 1460, [|tcp]
00:02:17.580326 rule 0/0(match): block in on vtnet0: <some-ip-address (not mine)> > <server-ip-address>: Flags [S], seq 3170210564, win 65535, length 0
Any help is much appreciated as I've hit a roadblock on trying to fix this.
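An added example, not part of the original post: a small Python filter for the text that `tcpdump -n -e -ttt -r /var/log/pflog` prints, grouping blocked inbound packets by pf rule number and destination port so it is easy to see whether connection attempts to port 80 show up in pflog and which rule dropped them. The function names are hypothetical, the sample records are constructed with documentation addresses, and the regex assumes IPv4 TCP records with endpoints printed as `address.port`.

```python
import re
from collections import Counter

# One pflog record as printed by `tcpdump -n -e -ttt -r /var/log/pflog`.
# Assumes IPv4 TCP records with endpoints written as address.port.
PFLOG_RE = re.compile(
    r"rule (?P<rule>\d+)[^/]*/\d+\([^)]*\): "
    r"(?P<action>block|pass) (?P<dir>in|out) on (?P<ifname>\S+): "
    r"(?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+) > "
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+): "
    r"(?:Flags \[(?P<flags>[^\]]*)\])?"
)

def parse_pflog(lines):
    """Yield one dict per parsable record; lines that do not match are skipped."""
    for line in lines:
        m = PFLOG_RE.search(line)
        if m:
            rec = m.groupdict()
            rec.update(rule=int(rec["rule"]), dport=int(rec["dport"]))
            yield rec

def blocked_inbound(lines, server_ip):
    """Count blocked inbound packets to server_ip, keyed by (rule, dst port)."""
    return Counter(
        (r["rule"], r["dport"]) for r in parse_pflog(lines)
        if r["action"] == "block" and r["dir"] == "in" and r["dst"] == server_ip
    )

def rules_blocking_port(lines, server_ip, port):
    """Rule numbers that dropped an inbound TCP SYN to server_ip:port."""
    return sorted({
        r["rule"] for r in parse_pflog(lines)
        if r["action"] == "block" and r["dir"] == "in"
        and r["dst"] == server_ip and r["dport"] == port and r["flags"] == "S"
    })

# Constructed sample records (documentation address ranges, not real hosts).
SAMPLE = """\
00:01:06.020635 rule 0/0(match): block in on vtnet0: 198.51.100.7.51514 > 203.0.113.10.23: Flags [S], seq 3213013147, win 64240, options [mss 1460, [|tcp]
00:02:17.580326 rule 0/0(match): block in on vtnet0: 198.51.100.9.40022 > 203.0.113.10.8080: Flags [S], seq 3170210564, win 65535, length 0
00:00:03.100000 rule 0/0(match): block in on vtnet0: 198.51.100.30.55000 > 203.0.113.10.80: Flags [S], seq 1000, win 65535, length 0
00:00:01.000000 rule 0/0(match): block in on vtnet0: 198.51.100.30.55000 > 203.0.113.10.80: Flags [S], seq 1000, win 65535, length 0
""".splitlines()

if __name__ == "__main__":
    for (rule, port), n in sorted(blocked_inbound(SAMPLE, "203.0.113.10").items()):
        print(f"rule {rule} blocked {n} packet(s) to port {port}")
    print("rules that dropped SYNs to port 80:", rules_blocking_port(SAMPLE, "203.0.113.10", 80))
```

Only rules carrying the `log` keyword write to pflog, which in the posted ruleset is `block return in log all`. `pfctl -vvsr` prints the loaded rules with their `@N` numbers, which maps the `rule N` field back to a line in pf.conf.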