Linux – Can’t open port with ufw

firewall linux nmap Ubuntu ufw

I need to open port 8081 for my application. I want to connect to the application from another server. The problem is that I can't open the port.
I started the application with port 8081 and IP 0.0.0.0 and 127.0.0.1, I enabled ufw / disabled ufw, and I read the tutorial https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-with-ufw-on-ubuntu-20-04

My system:

Distributor ID: Ubuntu
Description: Ubuntu 20.04 LTS
Release: 20.04
Codename: focal

Output of sudo lsof -i -P -n | grep LISTEN:

app 4431 foo 27u IPv4 64011 0t0 TCP *:8081 (LISTEN)

Output of sudo ufw status:

Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
8081/tcp                   ALLOW       Anywhere
22                         ALLOW       Anywhere
8081                       ALLOW       Anywhere
22/tcp (v6)                ALLOW       Anywhere (v6)
8081/tcp (v6)              ALLOW       Anywhere (v6)
22 (v6)                    ALLOW       Anywhere (v6)
8081 (v6)                  ALLOW       Anywhere (v6)

nmap output:

Starting Nmap 7.80 ( https://nmap.org ) at 2020-06-09 21:03 UTC
Nmap scan report for myip.bc.googleusercontent.com (myip)
Host is up (0.00062s latency).
Not shown: 999 filtered ports
PORT STATE SERVICE
22/tcp open ssh

Nmap done: 1 IP address (1 host up) scanned in 8.19 seconds

Best Answer

If you are using a Google Cloud compute instance, your instance probably has a VPC with its own default firewall rules:

https://cloud.google.com/vpc/docs/firewalls

The default network is pre-populated with firewall rules that allow incoming connections to instances. These rules can be deleted or modified as necessary:

default-allow-internal Allows ingress connections for all protocols and ports among instances in the network. This rule has the second-to-lowest priority of 65534, and it effectively permits incoming connections to VM instances from others in the same network.

default-allow-ssh Allows ingress connections on TCP port 22 from any source to any instance in the network. This rule has a priority of 65534.

default-allow-rdp Allows ingress connections on TCP port 3389 from any source to any instance in the network. This rule has a priority of 65534, and it enables connections to instances running the Microsoft Remote Desktop Protocol (RDP).

default-allow-icmp Allows ingress ICMP traffic from any source to any instance in the network. This rule has a priority of 65534, and it enables tools such as ping.

So the default rules don't include port 8081 from anywhere...

You can create a new firewall rule to allow ingress to 8081 on the Google Cloud Platform web console (VPC network -> Firewall) using this doc:

https://cloud.google.com/vpc/docs/using-firewalls#creating_firewall_rules


Also, nmap is a bit slow, so you might want to try connecting directly with either telnet or nc:

$ telnet myip.bc.googleusercontent.com 8081
Trying 123.123.123.123...
Connected to myip.bc.googleusercontent.com.
Escape character is '^]'.
^]

or

$ nc -zv myip.bc.googleusercontent.com 8081
Ncat: Version 7.80 ( https://nmap.org/ncat )
Ncat: Connected to 123.123.123.123:1234.
Ncat: 0 bytes sent, 0 bytes received in 0.24 seconds.
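
The layered check this thread walks through (listener, then ufw, then a remote probe), as an added example that is not part of the original question or answer. It uses the lsof and ufw output from the question as sample input; the function names are hypothetical, and it assumes ufw is the only packet filter on the host itself.

```python
import re
import socket

# Sample outputs copied from the question on this page.
LSOF_SAMPLE = "app 4431 foo 27u IPv4 64011 0t0 TCP *:8081 (LISTEN)"
UFW_SAMPLE = "Status: active\n22/tcp ALLOW Anywhere\n8081/tcp ALLOW Anywhere\n"

def probe(host, port, timeout=3.0):
    """Classify a TCP port as nmap does: open, closed or filtered."""
    try:
        socket.create_connection((host, port), timeout=timeout).close()
        return "open"
    except ConnectionRefusedError:
        return "closed"    # RST came back: host reached, nothing accepted it
    except OSError:
        return "filtered"  # timeout/unreachable (name-resolution errors land here too)

def listen_scope(lsof_out, port):
    """'external', 'loopback' or None, from `lsof -i -P -n | grep LISTEN` output."""
    scope = None
    for addr, p in re.findall(r"TCP (\S+):(\d+) \(LISTEN\)", lsof_out):
        if int(p) == port:
            if addr not in ("127.0.0.1", "[::1]"):
                return "external"  # wildcard (*) or a non-loopback address
            scope = "loopback"
    return scope

def ufw_allows(ufw_out, port):
    """True if ufw is inactive or lists an ALLOW rule for the port from Anywhere."""
    if "Status: active" not in ufw_out:
        return True
    rule = rf"^{port}(/tcp)?\s+ALLOW(?: IN)?\s+Anywhere"
    return re.search(rule, ufw_out, re.M) is not None

def blocking_layer(lsof_out, ufw_out, remote_state, port):
    """Name the first layer that explains why a remote client cannot connect."""
    scope = listen_scope(lsof_out, port)
    if scope is None:
        return "application: nothing listening"
    if scope == "loopback":
        return "application: bound to loopback only"
    if not ufw_allows(ufw_out, port):
        return "host firewall: no ufw ALLOW rule"
    if remote_state != "open":
        # Listener and ufw are fine, so the packet is stopped before this host.
        return "upstream: cloud/VPC firewall, NAT or routing"
    return "none: port reachable"

if __name__ == "__main__":
    print(blocking_layer(LSOF_SAMPLE, UFW_SAMPLE, "filtered", 8081))
```

Run `probe()` from the other server, not from the instance itself, so that the result reflects the whole network path.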