Docker - This site can’t be reached
Are you sure that tomcat itself is listening on port 8080? Because the docker container is indeed listening on port 32768 and that port is opened in the firewall ( In fact entirely open because the policy is ACCEPT and there is no REJECT or DROP rule ), it seems that may be the problem.
You can verify with
docker exec -ti pensive_leakey ss -tln
Related videos on Youtube
Geoff B.
TL;NR: Lead dev in nantes france - web dev - robotics - arduino Après avoir passé un an aux États Unis, j'obtiens un Bachelor en systèmes d'information à Nantes en 2010 et intègre l'École de Design en tant que développeur Web. Passionné par la rencontre du tangible et du virtuel, je rejoins trois ans plus tard l'équipe du READI Design Lab en tant que Lead Developer. Mes compétences me permettent de développer des applications diverses et variées, depuis des applications Web et mobile, la réalisation de dispositifs interactifs via Arduino, jusqu’à la programmation de comportements avancés pour le robot NAO.
Updated on September 18, 2022Comments
-
Geoff B. over 1 year
I installed a tomcat image and ran a container:
[root@MY_IP ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e624bb55878f tomcat:7 "catalina.sh run" 43 minutes ago Up 43 minutes 0.0.0.0:32768->8080/tcp pensive_leakey
The logs show me that the tomcat server is running but when I check via a browser it tells me :
This site can’t be reached : MY_IP:32768 MY_IP refused to connect. ERR_CONNECTION_REFUSED
So MY_IP:32768 doesn't work. I thought it was a firewall problem so I checked my iptables and added a ligne:
[root@MY_IP ~]# iptables -L -n Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:6666 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:32768 Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination
And when I check with netstat it looks good:
[root@MY_IP ~]# netstat -tulpn Connexions Internet actives (seulement serveurs) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.1:27017 0.0.0.0:* LISTEN 1375/mongod tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 1240/mysqld tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 1101/vsftpd tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 976/named tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1087/sshd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1335/master tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 976/named tcp 0 0 :::32768 :::* LISTEN 13085/docker-proxy tcp 0 0 :::80 :::* LISTEN 1348/httpd tcp 0 0 ::1:53 :::* LISTEN 976/named tcp 0 0 :::22 :::* LISTEN 1087/sshd tcp 0 0 ::1:953 :::* LISTEN 976/named udp 0 0 127.0.0.1:53 0.0.0.0:* 976/named udp 0 0 ::1:53 :::* 976/named
But I still have the same problem of connection refused. I made sure I restarted the service iptables.
What am I doing wrong here? I am running a CentOS release 6.7 (Final). Thanks
-
fghj about 8 yearsWhy only
state NEW tcp dpt:32768
? After connection established, and somebody start send data firewall reject it. -
Geoff B. about 8 yearsHi, I changed the entry to be exactly like the others : ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:32768 I restarted the service and I still have the same issue
-
Naveed Abbas about 8 yearsdon't touch your iptables, these are OK. But your netstat says 32768 only listens on IPv6 and not on IPv4. Are you sure browser is trying to access it via IPv6?
-
-
Geoff B. about 8 yearsHere is the output of your command: State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 0 ::ffff:127.0.0.1:8005 :::* LISTEN 0 0 :::8009 :::* LISTEN 0 0 :::8080 :::*