# kldstat
and see if you have pf.ko or ipfw.ko loaded. If not, you're probably not running a firewall on your machine unless you customized and recompiled the kernel already.CoolDemon said:mm... what?
i don't know, i just installed freebsd and something is blocking 2222 port
i try to enter http://mysite.com:2222 and a blank page comes out
options IPFILTER # Enable IPFilter
options IPFILTER_LOG # ... and IPFilter logging
pass in log quick from any to any keep state
pass in quick on em0 proto tcp from any to any port = 2222 flags S/SA keep state
Tracing the path to myhost (10.0.xx.xx) on TCP port 3000, 30 hops max
1 * 10.0.xx.xx [closed] -3007.990 ms *
sudo kldstat
Id Refs Address Size Name
1 3 0xffffffff80200000 1f67a88 kernel
2 1 0xffffffff82219000 2c0b5 vboxguest.ko
Hi SirDice,Is there anything actually listening on that port? If there is no service listening on that port the port will always be closed.
[git@myhost ~]$ tcptraceroute myhost 3000
Selected device lo0, address 10.0.xx.xx, port 60726 for outgoing packets
Tracing the path to myhost (10.0.xx.xx) on TCP port 3000, 30 hops max
1 * 10.0.xx.xx [closed] -3036.291 ms *
[git@myhost ~]$ sudo kldstat
Id Refs Address Size Name
1 3 0xffffffff80200000 1f67a88 kernel
2 1 0xffffffff82219000 2c0b5 vboxguest.ko
[git@myhost ~]$ ps -aux | grep gitea
root 667 0.0 0.1 10468 2152 - Is 19:56 0:00.00 daemon: gitea[669] (daemon)
git 669 0.0 1.0 60104 42068 - I 19:56 0:02.50 /usr/local/sbin/gitea web
git 1738 0.0 0.0 412 328 0 R+ 01:39 0:00.00 grep gitea
[git@myhost ~]$ netstat -an | grep 3000
tcp4 0 0 127.0.0.1.3000 *.* LISTEN
[git@myhost ~]$ sockstat -L4p 3000
USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS
[git@myhost ~]$ sudo service gitea status
gitea is running as pid 669.
I'm successful at:
[git@myhost ~]$ lynx myhost:3000
but not
[client@otherhost ~]$ lynx myhost:3000
[git@myhost ~]$ ping -c 1 www.google.com
PING www.google.com (74.125.204.147): 56 data bytes
64 bytes from 74.125.204.147: icmp_seq=0 ttl=39 time=71.088 ms
--- www.google.com ping statistics ---
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 71.088/71.088/71.088/0.000 ms
Hi Herrbischoff,The fact that vboxguest.ko exists in the kldstat output leads me to believe that you are running this inside VirtualBox. If true, you will either have to set VirtualBox networking to "bridged" or set up port forwarding in the VirtualBox guest settings. This is probably a NAT issue, not a firewall issue.
telnet your.guest.ip.address 3000
If it's already bridged, the guest should have received an IP address from your network. This should expose all running services on this IP, as kldstat shows you're not running a firewall. Therefore the basic setup appears to be correct. Try using the IP address instead of the hostname to find out if it's a DNS lookup issue. Also, try if you can telnet to the guest:
Code:telnet your.guest.ip.address 3000
client@otherhost:~$ telnet myhost 3000
Trying 10.0.xx.xx...
telnet: connect to address 10.0.xx.xx: Connection refused
telnet: Unable to connect to remote host
------------------------------------------------------------------------------------------------------------- 10:42:26
client@otherhost:~$ telnet myhost 22
Trying 10.0.xx.xx...
Connected to myhost.
Escape character is '^]'.
You are not welcome to use sshd from otherhost.
Connection closed by foreign host.
------------------------------------------------------------------------------------------------------------- 10:42:35
Hi herrbischoff,Looking again at the netstat output you posted, I suspect the service you are running on port 3000 is binding to 127.0.0.1 (localhost). You will have to configure it to bind to 0.0.0.0 (entire IPv4 address pool) or the guests' IP address to make it externally accessible.