Why am I Unable to ping port 443 on Ubuntu?
Solution 1
The ping utility does what it's supposed to, hit the ping interface using ICMP, you can't just ping any port you like with it. I'm sure there's a million ways to do it but most people just use 'telnet IP port', i.e. 'telnet 1.2.3.4 25' to test connection.
Solution 2
You can't ping ports. What is happening is that 443 is being converted into an IP address and ping is attempting to contact that address (0.0.1.187).
Solution 3
PING 443 (0.0.1.187) 56(124) bytes of data.
Notice the IP address above is interpreted from the number 443 (1 x 2561 + 187 x 2560 = 443).
ICMP (of which ping
is a part of) is its own protocol on top of IP. UDP/IP, TCP/IP, and ICMP/IP. There are no ports involved in the ICMP protocol, so there's no port number option on the command line.
There are TCP ping applications that will perform similar functionality over TCP, and you may want to look at those. Manual review of TCP ports or services is often done using telnet
or nc
(netcat).
Solution 4
Try using NMap for your port pings.
nmap -p 443 10.4.0.197
Starting Nmap 5.61TEST1 ( http://nmap.org ) at 2011-12-13 13:19 Pacific Standard Time
Nmap scan report for somecomputer (10.4.0.197)
Host is up (0.00s latency).
PORT STATE SERVICE
443/tcp closed https
Nmap done: 1 IP address (1 host up) scanned in 0.64 seconds
Solution 5
Have you considered that ICMP cannot be used to test for connectivity to TCP/IP ports?
Use a tool like telnet or nmap to test the open or closed state of a port. Here's an example using Telnet to test for VMware connectivty. Here's some info on port scanning with nmap.
Related videos on Youtube
João Daniel
Updated on September 18, 2022Comments
-
João Daniel over 1 year
I have opened port 443 through
iptables
:pkts bytes target prot opt in out source destination 45 2428 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 6 1009 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 141 10788 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 7 1140 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 6 360 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
And it is listening as
netstat -a
indicates:Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 *:6311 *:* LISTEN tcp 0 0 *:ssh *:* LISTEN tcp 0 0 gauss:ssh ommited ESTABLISHED tcp 0 0 gauss:ssh ommited ESTABLISHED tcp6 0 0 localhost:8005 [::]:* LISTEN tcp6 0 0 [::]:8009 [::]:* LISTEN tcp6 0 0 [::]:www [::]:* LISTEN tcp6 0 0 [::]:ssh [::]:* LISTEN tcp6 0 0 [::]:https [::]:* LISTEN udp 0 0 *:mdns *:* udp 0 0 *:52703 *:* udp6 0 0 [::]:42168 [::]:* udp6 0 0 [::]:mdns [::]:*
However I can't ping port 443:
PING 443 (0.0.1.187) 56(124) bytes of data. ^C --- 443 ping statistics --- 7 packets transmitted, 0 received, 100% packet loss, time 6006ms
What's going on?
-
John Gardeniers over 12 yearsEven if you could ping a port, you need something on that port that understands the ping and responds appropriately. Chances are you have a web server on that port and web servers don't speak ping.
-
Hecter about 12 yearsIt may be helpful to get familiar with the OSI Reference Model. You can
ping
an IP (layer 3) address, but ICMP does not understand TCP (layer 4) port numbers.
-
-
João Daniel over 12 yearsHum, how should I test if my 443 port is receiving data? The address myaddress.com is not responding and I don't know where the fault is. Thanks!
-
João Daniel over 12 yearsAh ok! Thanks! I did it and got a
Connection refused
. I'll look it up! -
Wesley over 12 years@jdanielnd I updated my answer.
-
João Daniel over 12 yearsI'm not sure how to deal with it! Is it possible that I'm listening for both? I can access localhost:80 on my browser. Does Tomcat have any configuration about IPv6? Thanks!
-
Safado over 12 yearsI'm not a Tomcat user, so I can't help you there. I'm sure if you create a new question and paste your tomcat config you'll be able to get some help.
-
Steven Monday over 12 yearsOr use netcat:
nc -zvw 5 example.com 443
. -
RobotHumans over 12 years^-- this. telnet works. so does tcping
-
Tim over 12 yearsThis is what I would have answered. +1