iptables has port 80 open but nmap shows it closed


From the output of netstat -lnp | grep 80, it seems that your Apache server is listening on port 8080, not the default port 80.

Also, the line:

    8080/tcp open  http-proxy

from the nmap output confirms this.

In summary, port 80 is not open on your machine, as Apache is listening on 8080 instead.

Author by

zeptonaut

Updated on September 18, 2022

Comments

  • zeptonaut
    zeptonaut over 1 year

    I'm having some trouble getting a Debian webserver to open up port 80 for HTTP traffic. In my iptables, I opened up port 80 using the following commands:

    iptables -A INPUT -p tcp --dport 80 -j ACCEPT
    iptables -A INPUT -p udp --dport 80 -j ACCEPT
    

    Running an iptables -L then showed the following rules:

    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination         
    ACCEPT     udp  --  anywhere             anywhere             udp dpt:www
    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:www
    
    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination         
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination
    

    However, after all of this, I ran nmap -sS 127.0.0.1 and discovered that port 80 still isn't open. Here are the results:

    Nmap scan report for localhost (127.0.0.1)
    Host is up (0.0000080s latency).
    Not shown: 995 closed ports
    PORT     STATE SERVICE
    22/tcp   open  ssh
    25/tcp   open  smtp
    111/tcp  open  rpcbind
    3306/tcp open  mysql
    8080/tcp open  http-proxy
    

    How is it possible for rules to be in place to open a port in iptables but still have that same port closed in Nmap? Does anyone have any ideas?

    • Khaled
      Khaled over 12 years
      Is your web server running? Can you post the output of telnet 127.0.0.1 80?
    • zeptonaut
      zeptonaut over 12 years
      Sure thing! Trying 127.0.0.1... telnet: Unable to connect to remote host: Connection refused
    • Khaled
      Khaled over 12 years
      The connection refused error means there is no process listening on the port. Can you post the output of sudo netstat -lnp | grep 80?
    • zeptonaut
      zeptonaut over 12 years
      tcp6 0 0 :::8080 :::* LISTEN 30191/apache2
  • zeptonaut
    zeptonaut over 12 years
    Ahhhh, right you are! It turns out that nmap shows the ports being listened on, not the ports that are currently open. When I switched to port 80 in my apache ports.conf and sites.enabled files, nmap now shows port 80 open. Thank you!
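
The distinction worked out in this thread, as an added example that is not part of the original posts: an iptables ACCEPT rule only lets packets through, while the state a scan reports depends on whether a process is listening on the port. The function names are hypothetical; the sample input is the netstat line quoted in the comments.

```python
import errno
import socket

# The `netstat -lnp` line quoted in the thread, used as sample input.
NETSTAT_SAMPLE = "tcp6 0 0 :::8080 :::* LISTEN 30191/apache2"


def listening_ports(netstat_output):
    """Map each listening TCP port to its 'pid/program' column."""
    ports = {}
    for line in netstat_output.splitlines():
        f = line.split()
        if len(f) >= 7 and f[0].startswith("tcp") and f[5] == "LISTEN":
            ports[int(f[3].rsplit(":", 1)[1])] = f[6]
    return ports


def classify(err):
    """Translate a connect() errno into an nmap-style port state."""
    if err == 0:
        return "open"      # handshake completed: a process is listening
    if err == errno.ECONNREFUSED:
        return "closed"    # RST came back: packet arrived, nothing listens
    if err in (errno.ETIMEDOUT, errno.EAGAIN, errno.EHOSTUNREACH):
        return "filtered"  # no reply or ICMP unreachable: firewall suspected
    return "unknown"


def probe(host, port, timeout=2.0):
    """TCP connect probe; connect_ex reports a timeout as EAGAIN."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        return classify(s.connect_ex((host, port)))


def diagnose(port, state, listeners):
    """Explain a probe result using the listener table."""
    if state == "open":
        return f"port {port}: open, served by {listeners.get(port, 'unknown')}"
    if state == "closed":
        found = ", ".join(f"{p} ({prog})" for p, prog in sorted(listeners.items()))
        return f"port {port}: reachable but no listener; listeners found: {found or 'none'}"
    return f"port {port}: {state}; check the firewall rules"


if __name__ == "__main__":
    print(diagnose(80, probe("127.0.0.1", 80), listening_ports(NETSTAT_SAMPLE)))
```

A "closed" result means the firewall passed the packet and the kernel answered with a reset, so the fix is on the service side; "filtered" is the result that points back at the firewall rules.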