Port forwarding not working on localhost

Issues related to configuring your network
davidbiesack
Posts: 1
Joined: 2017/04/19 13:58:39
Contact:

Port forwarding not working on localhost

Postby davidbiesack » 2017/04/21 18:01:06

I have been able to configure firewalld to allow access to em1 from the public zone to a Tomcat 8 server running on port 8180, with port 80 mapped to 8180 (I'm not running httpd, just Tomcat): http://myhost.mydomain/ (and http://myhost.mydomain:8180/) works fine from other clients on the network. (I'm using 8180 since I want to keep 8080 open for development/test purposes.)

However, when I try to access http://myhost.mydomain/ or http://localhost/ from my CentOS 7 I get an error,
This site can’t be reached localhost refused to connect.
However, http://localhost:8180/ works. Thus the port forwarding does not appear to be working on localhost (but works externally). A stackoverflow question suggests adding an interface named 'lo' but it is not clear what that does.
The accepted answer "The server is not listening on loopback interface." does not tell me how to configure the loopback interface.

The Firewalld documentation does not mention localhost or loopback, and 'lo' is only mentioned without description.

My only active zone is public

Code: Select all

$ sudo firewall-cmd --get-active-zones
public
  interfaces: em1
$ sudo firewall-cmd --info-zone=public
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: em1
  sources:
  services: dhcpv6-client ssh
  ports: 8180/tcp 5900/tcp
  protocols:
  masquerade: no
  forward-ports: port=80:proto=tcp:toport=8180:toaddr=
  sourceports:
  icmp-blocks:
  rich rules:


Should I expect localhost to use a different zone? IIf so, how to I add the interface (is it really named lo?)

I tried:

Code: Select all

$ sudo firewall-cmd --zone=trusted --add-interface=lo
$ sudo firewall-cmd --zone=trusted --add-port=80/tcp
$ sudo firewall-cmd --zone=trusted --add-port=8180/tcp
$ sudo firewall-cmd --zone=trusted --add-forward-port=port=80:proto=tcp:toport=8180
success
$ sudo firewall-cmd --reload
success
$ sudo firewall-cmd --get-active-zones
public
  interfaces: em1
trusted
  interfaces: lo
$ sudo firewall-cmd --info-zone=trusted
trusted (active)
  target: ACCEPT
  icmp-block-inversion: no
  interfaces: lo
  sources:
  services:
  ports: 80/tcp 8180/tcp
  protocols:
  masquerade: no
  forward-ports: port=80:proto=tcp:toport=8180:toaddr=
  sourceports:
  icmp-blocks:
  rich rules:


but still http://localhost/ does not work (but http;//localhost:8180 does)
David Biesack
CentOS 7.2

Return to “CentOS 7 - Networking Support”

Who is online

Users browsing this forum: No registered users and 1 guest