
I’ve a VM in Google Cloud and I’m trying to connect to it over TCP port 8890.
I’ve already set the firewall rules in GCP, so the problem is on the VM firewall.

I’m using Debian 10 as the OS and I’ve installed ufw. The output of the ufw status command is:

    Status: active

    To                         Action      From
    --                         ------      ----
    22/tcp                     ALLOW       Anywhere
    2222                       ALLOW       Anywhere
    21                         ALLOW       Anywhere
    Nginx Full                 ALLOW       Anywhere
    21/tcp                     ALLOW       Anywhere
    49152:65535/tcp            ALLOW       Anywhere
    5432                       ALLOW       Anywhere
    8890                       ALLOW       Anywhere
    8890/tcp                   ALLOW       Anywhere
    8890/udp                   ALLOW       Anywhere
    Anywhere                   ALLOW       127.0.0.1
    22/tcp (v6)                ALLOW       Anywhere (v6)
    2222 (v6)                  ALLOW       Anywhere (v6)
    21 (v6)                    ALLOW       Anywhere (v6)
    Nginx Full (v6)            ALLOW       Anywhere (v6)
    21/tcp (v6)                ALLOW       Anywhere (v6)
    49152:65535/tcp (v6)       ALLOW       Anywhere (v6)
    5432 (v6)                  ALLOW       Anywhere (v6)
    8890 (v6)                  ALLOW       Anywhere (v6)
    8890/tcp (v6)              ALLOW       Anywhere (v6)
    8890/udp (v6)              ALLOW       Anywhere (v6)

But if I try to telnet localhost 8890:

    Trying ::1...
    Trying 127.0.0.1...
    telnet: Unable to connect to remote host: Connection refused

The output of the netstat -tulpn | grep LISTEN command is:

    tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      614/nginx: master p
    tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      607/sshd
    tcp        0      0 0.0.0.0:5432            0.0.0.0:*               LISTEN      561/postgres
    tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      614/nginx: master p
    tcp6       0      0 :::80                   :::*                    LISTEN      614/nginx: master p
    tcp6       0      0 :::21                   :::*                    LISTEN      433/vsftpd
    tcp6       0      0 :::22                   :::*                    LISTEN      607/sshd
    tcp6       0      0 :::5432                 :::*                    LISTEN      561/postgres
    tcp6       0      0 :::443                  :::*                    LISTEN      614/nginx: master p

2 Answers


  1. Chosen as BEST ANSWER

    That's the log JSON from Google Cloud:

    {
      insertId: "1m9sozhg3119gk8"
      jsonPayload: {
        connection: {
          dest_ip: "10.132.0.2"
          dest_port: 8890
          protocol: 6
          src_ip: "194.158.251.129"
          src_port: 61330
        }
        disposition: "ALLOWED"
        instance: {
          project_id: "quokka-319212"
          region: "europe-west1"
          vm_name: "mkb-quokka"
          zone: "europe-west1-b"
        }
        remote_location: {
          continent: "Europe"
          country: "che"
          region: "Ticino"
        }
        rule_details: {
          action: "ALLOW"
          direction: "INGRESS"
          ip_port_info: [
            0: {
              ip_protocol: "TCP"
              port_range: [
                0: "8890"
              ]
            }
          ]
          priority: 100
          reference: "network:default/firewall:port-8890"
          source_range: [
            0: "0.0.0.0/0"
          ]
        }
        vpc: {
          project_id: "quokka-319212"
          subnetwork_name: "default"
          vpc_name: "default"
        }
      }
      logName: "projects/quokka-319212/logs/compute.googleapis.com%2Ffirewall"
      receiveTimestamp: "2021-08-11T12:54:47.345480725Z"
      resource: {
        labels: {
          location: "europe-west1-b"
          project_id: "quokka-319212"
          subnetwork_id: "4380110765229239135"
          subnetwork_name: "default"
        }
        type: "gce_subnetwork"
      }
      timestamp: "2021-08-11T12:54:41.981790820Z"
    }
    

    And that confirms the problem is on the instance and not in the Google Cloud firewall.


  2. This is expected behavior. In order to see

    tcp 0 0 0.0.0.0:8890 0.0.0.0:*

    do the following:

    1. apt-get install python             # install python
    2. python -m SimpleHTTPServer 8890    # server listening on port 8890
    3. Open a new window                  # wheel in the top right corner > new connection to instance
    4. netstat -tulpn | grep LISTEN
    

    Reason:
    netstat will only show the port if a service or other program is actually listening for incoming connections on that port.

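The diagnosis in the second answer can be reproduced without telnet. The following is an added example, not code from the question or either answer: it checks netstat output for a listener on a port and classifies a connect attempt, so "refused" (nothing bound to the port) is distinguished from packets being dropped by a firewall. The function names and the loopback demo are assumptions made for this illustration; the sample lines are a subset of the netstat output in the question.

```python
import socket

# LISTEN lines copied from the question's netstat output (a subset).
NETSTAT_SAMPLE = """\
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      607/sshd
tcp        0      0 0.0.0.0:5432            0.0.0.0:*               LISTEN      561/postgres
tcp6       0      0 :::21                   :::*                    LISTEN      433/vsftpd
tcp6       0      0 :::5432                 :::*                    LISTEN      561/postgres
"""


def listeners(netstat_text, port):
    """Return (bind_address, owner) for each LISTEN socket on `port`."""
    found = []
    for line in netstat_text.splitlines():
        fields = line.split(None, 6)
        if len(fields) < 7 or fields[5] != "LISTEN":
            continue
        addr, _, local_port = fields[3].rpartition(":")
        if local_port == str(port):
            found.append((addr, fields[6].strip()))
    return found


def probe(host, port, timeout=2.0):
    """Classify one TCP connect attempt."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"        # handshake completed: a process is listening
    except ConnectionRefusedError:
        return "refused"         # RST received: no listener, or a REJECT rule
    except socket.timeout:
        return "filtered"        # no reply: packets dropped somewhere on the path
    except OSError:
        return "unreachable"     # routing or ICMP error


def loopback_demo():
    """Constructed check: probe a throwaway listener, then the same port closed."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))   # port 0: the kernel picks a free port
    srv.listen(1)
    port = srv.getsockname()[1]
    while_up = probe("127.0.0.1", port)
    srv.close()
    return while_up, probe("127.0.0.1", port)


if __name__ == "__main__":
    print("listeners on 8890:", listeners(NETSTAT_SAMPLE, 8890))
    print("listeners on 5432:", listeners(NETSTAT_SAMPLE, 5432))
    print("probe with/without listener:", loopback_demo())
```

The bind address returned by `listeners` is worth reading too: a service on 0.0.0.0 or :: is reachable from every interface the firewalls allow, while one on 127.0.0.1 is reachable only from the instance itself.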