listening but not connecting

Francis Daly francis at daoine.org
Fri Jul 29 07:58:11 UTC 2016


On Thu, Jul 28, 2016 at 10:13:30PM -0400, Larry Martell wrote:
> On Thu, Jul 28, 2016 at 3:52 PM, Francis Daly <francis at daoine.org> wrote:
> > On Thu, Jul 28, 2016 at 03:01:17PM -0400, Larry Martell wrote:

Hi there,

> > From the nginx server, does "curl -v http://127.0.0.1/"
> 
> That returns the django login page, which is what I would expect.

That much is all good.

> For that request nginx error log has:
> 
> [error] 9257#0: *21 directory index of
> "/usr/local/motor/motor/static/" is forbidden, client: 127.0.0.1,
> server: localhost, request: "GET /static/ HTTP/1.1", host: "127.0.0.1"

That's also good.

> > Does "tcpdump" on the nginx server show any incoming port-80 traffic?
> 
> I am trying to connect from 173 and the nginx host is 152. When I try
> and connect from the browser tcpdump shows messages like this:
> 
> IP xx.xx.xx.173.58265 > xx.xx.xx.152.http: Flags [S], seq 2911544323,
> win 5840, options [mss 1460,sackOK,TS val 442582882 ecr 0,nop,wscale
> 2,unknown-76 0x01019887a79a0005,unknown-76 0x0c05,nop,eol], length 0
>  IP xx.xx.xx.152 > xx.xx.xx.173: ICMP host 10.188.36.152 unreachable -
> admin prohibited, length 84

That says that the incoming traffic does get to xx.xx.xx.152, but that
machine says that 10.188.36.152 is not accessible.

Assuming that those two .152 numbers are your nginx server, something
on it (that is not nginx) is blocking the traffic.

Does "iptables -L -v -n" show anything interesting? You said that you
disabled the firewall, so it probably is empty.

Is there more than one network interface on the nginx server, and do
you have reverse-path filtering (rp_filter) enabled on this interface? I
think that that can lead to the same signs.

Otherwise, you get to learn more about the security aspects of your
operating system :-(

Cheers,

	f
-- 
Francis Daly        francis at daoine.org
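
The two checks suggested in the reply above (firewall rules and rp_filter), as an added example that is not part of the original message. The sample ruleset is constructed and the function names are hypothetical; the script assumes iptables-save style input and a /proc/sys/net/ipv4/conf style directory.

```shell
#!/bin/sh
# Added example: offline checks for the two suspects named in the reply.

# Constructed sample in iptables-save format (not taken from the thread).
sample_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# Read iptables-save output on stdin. Exit 0 if the INPUT chain reaches a
# REJECT with an ICMP "prohibited" code before any ACCEPT for TCP port $1.
# Simplification: only plain "--dport N" matches in INPUT are understood.
port_blocked_by_reject() {
    awk -v port="$1" '
        $1 != "-A" || $2 != "INPUT" { next }
        /-j ACCEPT/ && $0 ~ ("--dport " port "( |$)") { exit }
        /-j REJECT/ && /icmp-(host|net|admin)-prohibited/ { blocked = 1; exit }
        END { exit (blocked ? 0 : 1) }
    '
}

# Print "<interface> <mode>" for each interface with rp_filter enabled.
# $1 is a directory laid out like /proc/sys/net/ipv4/conf (the default).
rp_filter_enabled() {
    conf_dir=${1:-/proc/sys/net/ipv4/conf}
    for f in "$conf_dir"/*/rp_filter; do
        [ -r "$f" ] || continue
        iface=$(basename "$(dirname "$f")")
        case $(cat "$f") in
            1) echo "$iface strict" ;;
            2) echo "$iface loose" ;;
        esac
    done
}

# Demo on the constructed sample.
# On a real host: iptables-save | port_blocked_by_reject 80
if sample_rules | port_blocked_by_reject 80; then
    echo "port 80: falls through to REJECT (ICMP admin prohibited)"
fi
if sample_rules | port_blocked_by_reject 22; then :; else
    echo "port 22: accepted before the REJECT rule"
fi
```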


