# kldstat and see if you have pf.ko or ipfw.ko loaded. If not, you're probably not running a firewall on your machine unless you customized and recompiled the kernel already.CoolDemon said:mm... what?
i don't know, i just installed freebsd and something is blocking 2222 port
i try to enter http://mysite.com:2222 and a blank page comes out
options         IPFILTER                # Enable IPFilter
options         IPFILTER_LOG            # ... and IPFilter loggingpass in log quick from any to any keep statepass in quick on em0 proto tcp from any to any port = 2222 flags S/SA keep stateTracing the path to myhost (10.0.xx.xx) on TCP port 3000, 30 hops max
 1  * 10.0.xx.xx [closed] -3007.990 ms *
sudo kldstat
Id Refs Address            Size     Name
 1    3 0xffffffff80200000 1f67a88  kernel
 2    1 0xffffffff82219000 2c0b5    vboxguest.koHi SirDice,Is there anything actually listening on that port? If there is no service listening on that port the port will always be closed.
[git@myhost ~]$ tcptraceroute myhost 3000
Selected device lo0, address 10.0.xx.xx, port 60726 for outgoing packets
Tracing the path to myhost (10.0.xx.xx) on TCP port 3000, 30 hops max
 1  * 10.0.xx.xx [closed] -3036.291 ms *
[git@myhost ~]$ sudo kldstat
Id Refs Address            Size     Name
 1    3 0xffffffff80200000 1f67a88  kernel
 2    1 0xffffffff82219000 2c0b5    vboxguest.ko
[git@myhost ~]$ ps -aux | grep gitea
root   667   0.0  0.1  10468  2152  -  Is   19:56     0:00.00 daemon: gitea[669] (daemon)
git    669   0.0  1.0  60104 42068  -  I    19:56     0:02.50 /usr/local/sbin/gitea web
git   1738   0.0  0.0    412   328  0  R+   01:39     0:00.00 grep gitea
[git@myhost ~]$ netstat -an | grep 3000
tcp4       0      0 127.0.0.1.3000         *.*                    LISTEN
[git@myhost ~]$ sockstat -L4p 3000
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS   
[git@myhost ~]$ sudo service gitea status
gitea is running as pid 669.
I'm successful at:
[git@myhost ~]$ lynx myhost:3000
but not
[client@otherhost ~]$ lynx myhost:3000[git@myhost ~]$ ping -c 1 www.google.com
PING www.google.com (74.125.204.147): 56 data bytes
64 bytes from 74.125.204.147: icmp_seq=0 ttl=39 time=71.088 ms
--- www.google.com ping statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 71.088/71.088/71.088/0.000 msHi Herrbischoff,The fact that vboxguest.ko exists in the kldstat output leads me to believe that you are running this inside VirtualBox. If true, you will either have to set VirtualBox networking to "bridged" or set up port forwarding in the VirtualBox guest settings. This is probably a NAT issue, not a firewall issue.
telnet your.guest.ip.address 3000If it's already bridged, the guest should have received an IP address from your network. This should expose all running services on this IP, as kldstat shows you're not running a firewall. Therefore the basic setup appears to be correct. Try using the IP address instead of the hostname to find out if it's a DNS lookup issue. Also, try if you can telnet to the guest:
Code:telnet your.guest.ip.address 3000
client@otherhost:~$ telnet myhost 3000
Trying 10.0.xx.xx...
telnet: connect to address 10.0.xx.xx: Connection refused
telnet: Unable to connect to remote host
------------------------------------------------------------------------------------------------------------- 10:42:26
client@otherhost:~$ telnet myhost 22
Trying 10.0.xx.xx...
Connected to myhost.
Escape character is '^]'.
You are not welcome to use sshd from otherhost.
Connection closed by foreign host.
------------------------------------------------------------------------------------------------------------- 10:42:35Hi herrbischoff,Looking again at the netstat output you posted, I suspect the service you are running on port 3000 is binding to 127.0.0.1 (localhost). You will have to configure it to bind to 0.0.0.0 (entire IPv4 address pool) or the guests' IP address to make it externally accessible.
