My server: 64 bit Ubuntu 12.04.4 LTS. Provider: Linode.com. No other firewall is present.
I’ve these rules:
*filter # Allow localhost traffic. This rule is for all protocols. -A INPUT -s ::1 -d ::1 -j ACCEPT -A INPUT -p icmpv6 -j ACCEPT -A OUTPUT -p icmpv6 -j ACCEPT #Allow image server -A INPUT -m tcp -p tcp --dport 31333 -j ACCEPT -A INPUT -m tcp -p tcp --dport 80 -j ACCEPT -A INPUT -m tcp -p tcp --dport 443 -j ACCEPT COMMIT
The ping is working even from outside.
But telnet is not working from localhost.
% telnet -6 2600:3c00:0:0:f03c:91ff:fe73:2b08 80 Trying 2600:3c00:0:0:f03c:91ff:fe73:2b08...
What could be the problem?
Ultimately my server will listen on port 31333 for requests from Chrome Browser WebSocket interface. And I want to see telnet on port 80 working first then I’ll work on port 31333.
It looks like Apache needs to be bound to 64 bit address. But I’ve even added this line to see if ftp is working but still telnet can’t connect:
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
As per suggestion by Michael Hampton I’ve run
ip6tables -F to clear the rules and now running
ip6tables -L shows:
Chain INPUT (policy DROP) target prot opt source destination Chain FORWARD (policy DROP) target prot opt source destination Chain OUTPUT (policy DROP) target prot opt source destination
but still connect to port 80 does not work (with IPv4 it works):
# telnet -6 2600:3c00::f03c:91ff:fe73:2b08 80 Trying 2600:3c00::f03c:91ff:fe73:2b08... ^C # telnet -6 2600:3c00:0:0:f03c:91ff:fe73:2b08 80 Trying 2600:3c00::f03c:91ff:fe73:2b08... # telnet 220.127.116.11 80 Trying 18.104.22.168... Connected to 22.214.171.124. Escape character is '^]'.
Your firewall is configured to drop all traffic, even without any rules. This will be the source of your problem.
Chain INPUT (policy DROP) Chain OUTPUT (policy DROP)
Reset the policies of these tables to ACCEPT to restore connectivity.
ip6tables -P INPUT ACCEPT ip6tables -P OUTPUT ACCEPT
Then you can get on with constructing a proper firewall.
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.