Linux – how can I allow outgoing access to a port in firewall

firewall, linux

I'm doing a file_get_contents but getting Connection refused

I used the following to allow outgoing connections from server2 to server1, and vice versa. But I'm still getting "failed to open stream: Connection refused"

iptables -A OUTPUT -p tcp -d 123.123.123.123 --dport 8983 -j ACCEPT
iptables -A INPUT  -p tcp -s 321.321.321.321 --dport 8983 -j ACCEPT

Maybe there's some rule where I can't use file_get_contents between two different servers/IPs?

I think for now I'll use curl, but I'm interested to know what's not working here…

Best Answer

You are connecting to port 8983 on destination, so you must allow output traffic to that port on server 2, which you are:

iptables -A OUTPUT -p tcp -d 123.123.123.123 --dport 8983 -j ACCEPT

You should also accept incoming traffic on server 2 for related and established connections in general:

iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

Also, don't forget to add the corresponding rules on server 1:

iptables -A INPUT -p tcp -m tcp --dport 8983 -j ACCEPT
iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

If you are still unable to connect after setting these rules, you are probably being blocked by an intermediate firewall between server 1 and server 2.

If that's not the case, maybe server 1 is behind a NAT and you have to set the NAT router to forward incoming connections on 8983 to the same port on server 1 behind that router.
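The answer's four rules cover four separate legs of one TCP connection: the SYN leaving the client's OUTPUT chain, the SYN entering the server's INPUT chain, the reply leaving the server's OUTPUT chain, and the reply entering the client's INPUT chain (the last two as ESTABLISHED, on the client's ephemeral port). Since iptables takes the first matching rule in a chain, `-A` (append) silently does nothing if a catch-all REJECT already sits earlier in the chain. The following added example is not code from the question or the answer; it is a small simulator of that first-match walk that parses `iptables -S` style rules and reports which leg, if any, blocks the connection. It assumes 123.123.123.123 is server 1 listening on 8983 and 321.321.321.321 is the connecting server 2 (the question's placeholders, matched as literal strings rather than as CIDR), and the DROP policies and the "appended behind a REJECT" ruleset are constructed for the example. One fact worth keeping in mind while reading its output: "Connection refused" means the client received a TCP RST, which a REJECT `--reject-with tcp-reset` rule produces and a DROP rule or an intermediate firewall dropping the SYN never does (those show up as a timeout); a RST with no REJECT rule at all means nothing is listening on that port.

```python
"""Minimal iptables filter-table simulator: added example, not from the page.

Parses ``iptables -S`` style lines (-P/-A/-I, -p, -s, -d, --dport, -m state
--state, -j) and walks each chain with first-match-wins semantics.
"""
import shlex
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple


@dataclass
class Rule:
    proto: Optional[str] = None
    src: Optional[str] = None
    dst: Optional[str] = None
    dport: Optional[int] = None
    states: Set[str] = field(default_factory=set)  # empty = any conntrack state
    target: str = "ACCEPT"
    text: str = ""


@dataclass
class Packet:
    proto: str
    src: str
    dst: str
    dport: int
    state: str  # "NEW" or "ESTABLISHED", as conntrack would classify it


class Ruleset:
    """One host's filter table: chain policies plus ordered rules per chain."""

    def __init__(self) -> None:
        self.policy: Dict[str, str] = {"INPUT": "ACCEPT", "OUTPUT": "ACCEPT"}
        self.chains: Dict[str, List[Rule]] = {"INPUT": [], "OUTPUT": []}

    @classmethod
    def parse(cls, lines: str) -> "Ruleset":
        rs = cls()
        for line in lines.strip().splitlines():
            toks = shlex.split(line)
            if not toks:
                continue
            if toks[0] == "-P":                      # -P CHAIN POLICY
                rs.policy[toks[1]] = toks[2]
                continue
            rule, chain = Rule(text=line.strip()), ""
            for t, v in zip(toks[0::2], toks[1::2]):  # options come in pairs
                if t in ("-A", "-I"):
                    chain = v
                elif t == "-p":
                    rule.proto = v
                elif t == "-s":
                    rule.src = v
                elif t == "-d":
                    rule.dst = v
                elif t == "--dport":
                    rule.dport = int(v)
                elif t == "--state":
                    rule.states = set(v.split(","))
                elif t == "-j":
                    rule.target = v
                elif t not in ("-m", "--reject-with"):  # match module / RST type: no effect on verdict
                    raise ValueError(f"unsupported option {t!r} in: {line}")
            # -I without a position number inserts at the top; -A appends.
            if toks[0] == "-I":
                rs.chains[chain].insert(0, rule)
            else:
                rs.chains[chain].append(rule)
        return rs

    def verdict(self, chain: str, pkt: Packet) -> Tuple[str, str]:
        """First matching rule wins; otherwise the chain policy applies."""
        for r in self.chains[chain]:
            if r.proto and r.proto != pkt.proto:
                continue
            if r.src and r.src != pkt.src:  # literal match; real iptables also takes CIDR
                continue
            if r.dst and r.dst != pkt.dst:
                continue
            if r.dport is not None and r.dport != pkt.dport:
                continue
            if r.states and pkt.state not in r.states:
                continue
            return r.target, r.text
        return self.policy[chain], f"policy {chain} {self.policy[chain]}"


def trace_connection(client: Ruleset, server: Ruleset, client_ip: str, server_ip: str, port: int):
    """Return (leg, verdict, matched rule) for the four legs of one TCP connection."""
    syn = Packet("tcp", client_ip, server_ip, port, "NEW")
    # The reply goes to the client's ephemeral port (0 here), so --dport rules
    # never match it; only the RELATED,ESTABLISHED rule or the policy can.
    reply = Packet("tcp", server_ip, client_ip, 0, "ESTABLISHED")
    legs = [("client OUTPUT", client, "OUTPUT", syn),
            ("server INPUT", server, "INPUT", syn),
            ("server OUTPUT", server, "OUTPUT", reply),
            ("client INPUT", client, "INPUT", reply)]
    return [(name, *rs.verdict(chain, pkt)) for name, rs, chain, pkt in legs]


def first_block(trace):
    """The first leg whose verdict is not ACCEPT, or None if all four pass."""
    return next((leg for leg in trace if leg[1] != "ACCEPT"), None)


# Constructed rulesets: the answer's rules on top of DROP policies.
SERVER2_RULES = """
-P INPUT DROP
-P OUTPUT DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -p tcp -d 123.123.123.123 --dport 8983 -j ACCEPT
"""
SERVER1_RULES = """
-P INPUT DROP
-P OUTPUT DROP
-A INPUT -p tcp -m tcp --dport 8983 -j ACCEPT
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
"""
# Same ACCEPT, but appended (-A) behind a catch-all REJECT with tcp-reset:
# the SYN is answered with a RST and the client sees "Connection refused".
SERVER1_APPENDED_AFTER_REJECT = """
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -j REJECT --reject-with tcp-reset
-A INPUT -p tcp -m tcp --dport 8983 -j ACCEPT
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
"""

if __name__ == "__main__":
    s2, s1 = Ruleset.parse(SERVER2_RULES), Ruleset.parse(SERVER1_RULES)
    for leg in trace_connection(s2, s1, "321.321.321.321", "123.123.123.123", 8983):
        print("%-14s %-7s (%s)" % leg)
    bad = Ruleset.parse(SERVER1_APPENDED_AFTER_REJECT)
    print("misordered server 1:", first_block(trace_connection(s2, bad, "321.321.321.321", "123.123.123.123", 8983)))
```

When the simulated trace passes on all four legs but the real connection still fails, the firewall rules on the two hosts are not the cause, which is exactly the point at which the answer's last two paragraphs (an intermediate firewall, or NAT in front of server 1) become the next thing to check; on a real box, `iptables -S` gives the lines this parser expects, and `iptables -L -n -v` shows the per-rule packet counters, so a counter that never increments on the ACCEPT rule points at an earlier rule in the chain.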
