<div dir="ltr">Thanks a lot.<br><div><br>After iptables -F, it started working. :)<br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Sat, Mar 28, 2015 at 8:25 PM, Marius Cornea <span dir="ltr"><<a href="mailto:marius@remote-lab.net" target="_blank">marius@remote-lab.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Try adding the rule manually for your webserver<br>
<br>
iptables -I INPUT -p tcp --dport 30001 -j ACCEPT<br>
<br>
Depending on what you want to use you can add it to the settings:<br>
/etc/sysconfig/iptables for the iptables service or /etc/firewalld/<br>
for firewalld. For sake of debugging you could also use 'iptables -F'<br>
to delete all rules.<br>
<br>
On Sat, Mar 28, 2015 at 3:46 PM, Vedsar Kushwaha<br>
<div class="HOEnZb"><div class="h5"><<a href="mailto:vedsarkushwaha@gmail.com">vedsarkushwaha@gmail.com</a>> wrote:<br>
> New iptables -nL (for computer B)<br>
><br>
> Chain INPUT (policy ACCEPT)<br>
> target prot opt source destination<br>
> ACCEPT tcp -- 192.168.0.20 <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> multiport<br>
> dports 5671,5672 /* 001 amqp incoming amqp_192.168.0.20 */<br>
> ACCEPT tcp -- 192.168.0.19 <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> multiport<br>
> dports 5666 /* 001 nagios-nrpe incoming nagios_nrpe */<br>
> ACCEPT udp -- 192.168.0.19 <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> multiport<br>
> dports 4789 /* 001 neutron tunnel port incoming<br>
> neutron_tunnel_192.168.0.20_192.168.0.19 */<br>
> ACCEPT tcp -- 192.168.0.19 <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> multiport<br>
> dports 5900:5999 /* 001 nova compute incoming nova_compute */<br>
> ACCEPT tcp -- 192.168.0.20 <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> multiport<br>
> dports 16509,49152:49215 /* 001 nova qemu migration incoming<br>
> nova_qemu_migration_192.168.0.20_192.168.0.20 */<br>
> ACCEPT tcp -- 192.168.0.21 <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> multiport<br>
> dports 16509,49152:49215 /* 001 nova qemu migration incoming<br>
> nova_qemu_migration_192.168.0.20_192.168.0.21 */<br>
> ACCEPT tcp -- 192.168.0.22 <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> multiport<br>
> dports 16509,49152:49215 /* 001 nova qemu migration incoming<br>
> nova_qemu_migration_192.168.0.20_192.168.0.22 */<br>
> ACCEPT udp -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> udp dpt:53<br>
> ACCEPT tcp -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> tcp dpt:53<br>
> ACCEPT udp -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> udp dpt:67<br>
> ACCEPT tcp -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> tcp dpt:67<br>
> ACCEPT all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> state<br>
> RELATED,ESTABLISHED<br>
> ACCEPT icmp -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br>
> ACCEPT all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br>
> ACCEPT tcp -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> state NEW tcp<br>
> dpt:22<br>
> REJECT all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> reject-with<br>
> icmp-host-prohibited<br>
><br>
> Chain FORWARD (policy ACCEPT)<br>
> target prot opt source destination<br>
> ACCEPT all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://192.168.122.0/24" target="_blank">192.168.122.0/24</a> ctstate<br>
> RELATED,ESTABLISHED<br>
> ACCEPT all -- <a href="http://192.168.122.0/24" target="_blank">192.168.122.0/24</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br>
> ACCEPT all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br>
> REJECT all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> reject-with<br>
> icmp-port-unreachable<br>
> REJECT all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> reject-with<br>
> icmp-port-unreachable<br>
> REJECT all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> reject-with<br>
> icmp-host-prohibited<br>
><br>
> Chain OUTPUT (policy ACCEPT)<br>
> target prot opt source destination<br>
><br>
><br>
> One more question, I'm on Centos7 using openstack juno:<br>
><br>
> When starting firewalld, (service firewalld start) iptable stopped.<br>
> Similarly, when iptables starts (service iptables start), firewalld gets<br>
> stopped.<br>
><br>
><br>
><br>
> On Sat, Mar 28, 2015 at 7:49 PM, Vedsar Kushwaha <<a href="mailto:vedsarkushwaha@gmail.com">vedsarkushwaha@gmail.com</a>><br>
> wrote:<br>
>><br>
>> I'm using curl to access to the HTTPSEEVER.<br>
>><br>
>> python -m SimpleHTTPServer 30001<br>
>><br>
>><br>
>> iptables -nL<br>
>><br>
>> target prot opt source destination<br>
>> ACCEPT all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> ctstate<br>
>> RELATED,ESTABLISHED<br>
>> ACCEPT all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br>
>> INPUT_direct all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br>
>> INPUT_ZONES_SOURCE all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br>
>> INPUT_ZONES all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br>
>> ACCEPT icmp -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br>
>> REJECT all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> reject-with<br>
>> icmp-host-prohibited<br>
>><br>
>> Chain FORWARD (policy ACCEPT)<br>
>> target prot opt source destination<br>
>> ACCEPT all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> ctstate<br>
>> RELATED,ESTABLISHED<br>
>> ACCEPT all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br>
>> FORWARD_direct all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br>
>> FORWARD_IN_ZONES_SOURCE all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br>
>> FORWARD_IN_ZONES all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br>
>> FORWARD_OUT_ZONES_SOURCE all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br>
>> FORWARD_OUT_ZONES all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br>
>> ACCEPT icmp -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br>
>> REJECT all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> reject-with<br>
>> icmp-host-prohibited<br>
>><br>
>> Chain OUTPUT (policy ACCEPT)<br>
>> target prot opt source destination<br>
>> OUTPUT_direct all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br>
>><br>
>> Chain FORWARD_IN_ZONES (1 references)<br>
>> target prot opt source destination<br>
>> FWDI_public all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> [goto]<br>
>> FWDI_public all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> [goto]<br>
>><br>
>> Chain FORWARD_IN_ZONES_SOURCE (1 references)<br>
>> target prot opt source destination<br>
>><br>
>> Chain FORWARD_OUT_ZONES (1 references)<br>
>> target prot opt source destination<br>
>> FWDO_public all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> [goto]<br>
>> FWDO_public all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> [goto]<br>
>><br>
>> Chain FORWARD_OUT_ZONES_SOURCE (1 references)<br>
>> target prot opt source destination<br>
>><br>
>> Chain FORWARD_direct (1 references)<br>
>> target prot opt source destination<br>
>><br>
>> Chain FWDI_public (2 references)<br>
>> target prot opt source destination<br>
>> FWDI_public_log all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br>
>> FWDI_public_deny all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br>
>> FWDI_public_allow all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br>
>><br>
>> Chain FWDI_public_allow (1 references)<br>
>> target prot opt source destination<br>
>><br>
>> Chain FWDI_public_deny (1 references)<br>
>> target prot opt source destination<br>
>><br>
>> Chain FWDI_public_log (1 references)<br>
>> target prot opt source destination<br>
>><br>
>> Chain FWDO_public (2 references)<br>
>> target prot opt source destination<br>
>> FWDO_public_log all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br>
>> FWDO_public_deny all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br>
>> FWDO_public_allow all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br>
>><br>
>> Chain FWDO_public_allow (1 references)<br>
>> target prot opt source destination<br>
>><br>
>> Chain FWDO_public_deny (1 references)<br>
>> target prot opt source destination<br>
>><br>
>> Chain FWDO_public_log (1 references)<br>
>> target prot opt source destination<br>
>><br>
>> Chain INPUT_ZONES (1 references)<br>
>> target prot opt source destination<br>
>> IN_public all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> [goto]<br>
>> IN_public all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> [goto]<br>
>><br>
>> Chain INPUT_ZONES_SOURCE (1 references)<br>
>> target prot opt source destination<br>
>><br>
>> Chain INPUT_direct (1 references)<br>
>> target prot opt source destination<br>
>><br>
>> Chain IN_public (2 references)<br>
>> target prot opt source destination<br>
>> IN_public_log all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br>
>> IN_public_deny all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br>
>> IN_public_allow all -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br>
>><br>
>> Chain IN_public_allow (1 references)<br>
>> target prot opt source destination<br>
>> ACCEPT tcp -- <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> tcp dpt:22<br>
>> ctstate NEW<br>
>><br>
>> Chain IN_public_deny (1 references)<br>
>> target prot opt source destination<br>
>><br>
>> Chain IN_public_log (1 references)<br>
>> target prot opt source destination<br>
>><br>
>> Chain OUTPUT_direct (1 references)<br>
>> target prot opt source destination<br>
>><br>
>> On Sat, Mar 28, 2015 at 6:57 PM, Marius Cornea <<a href="mailto:marius@remote-lab.net">marius@remote-lab.net</a>><br>
>> wrote:<br>
>>><br>
>>> iptables -nL ?<br>
>>><br>
>>> Also it's not clear to me when you get the 'No route to host' message.<br>
>>> How are you trying to access it?<br>
>>><br>
>>> On Sat, Mar 28, 2015 at 2:23 PM, Vedsar Kushwaha<br>
>>> <<a href="mailto:vedsarkushwaha@gmail.com">vedsarkushwaha@gmail.com</a>> wrote:<br>
>>> > firewall is disable on all computers :)<br>
>>> ><br>
>>> > Redirecting to /bin/systemctl status firewalld.service<br>
>>> > firewalld.service - firewalld - dynamic firewall daemon<br>
>>> > Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled)<br>
>>> > Active: inactive (dead)<br>
>>> ><br>
>>> ><br>
>>> > On Sat, Mar 28, 2015 at 6:35 PM, Marius Cornea <<a href="mailto:marius@remote-lab.net">marius@remote-lab.net</a>><br>
>>> > wrote:<br>
>>> >><br>
>>> >> Hi,<br>
>>> >><br>
>>> >> It sounds to me like a firewall issue. Please check the firewall rules<br>
>>> >> on computer B and make sure you allow HTTP access from the clients.<br>
>>> >><br>
>>> >> Tnx,<br>
>>> >> Marius<br>
>>> >><br>
>>> >> On Sat, Mar 28, 2015 at 1:43 PM, Vedsar Kushwaha<br>
>>> >> <<a href="mailto:vedsarkushwaha@gmail.com">vedsarkushwaha@gmail.com</a>> wrote:<br>
>>> >> > I installed openstack --allinone on one computer (Say A).<br>
>>> >> ><br>
>>> >> > Then, I added two more compute nodes(Say B and C) on this.<br>
>>> >> ><br>
>>> >> > Everything is working fine.<br>
>>> >> ><br>
>>> >> > But now, for some other reason I want to start HTTPServer on<br>
>>> >> > computer B<br>
>>> >> > and<br>
>>> >> > access it from computer X and Y which are different from A,B & C.<br>
>>> >> ><br>
>>> >> > Now after running HTTPServer on computer B, I'm not able to access<br>
>>> >> > it<br>
>>> >> > from<br>
>>> >> > computer X and Y.<br>
>>> >> > Giving Error 'No route to host'<br>
>>> >> ><br>
>>> >> > Although from computer B, I can access HTTPServer of computer B.<br>
>>> >> ><br>
>>> >> ><br>
>>> >> > Please help.<br>
>>> >> ><br>
>>> >> > --<br>
>>> >> > Vedsar Kushwaha<br>
>>> >> > M.Tech-Computational Science<br>
>>> >> > Indian Institute of Science<br>
>>> >> ><br>
>>> >> > _______________________________________________<br>
>>> >> > Rdo-list mailing list<br>
>>> >> > <a href="mailto:Rdo-list@redhat.com">Rdo-list@redhat.com</a><br>
>>> >> > <a href="https://www.redhat.com/mailman/listinfo/rdo-list" target="_blank">https://www.redhat.com/mailman/listinfo/rdo-list</a><br>
>>> >> ><br>
>>> >> > To unsubscribe: <a href="mailto:rdo-list-unsubscribe@redhat.com">rdo-list-unsubscribe@redhat.com</a><br>
>>> ><br>
>>> ><br>
>>> ><br>
>>> ><br>
>>> > --<br>
>>> > Vedsar Kushwaha<br>
>>> > M.Tech-Computational Science<br>
>>> > Indian Institute of Science<br>
>><br>
>><br>
>><br>
>><br>
>> --<br>
>> Vedsar Kushwaha<br>
>> M.Tech-Computational Science<br>
>> Indian Institute of Science<br>
><br>
><br>
><br>
><br>
> --<br>
> Vedsar Kushwaha<br>
> M.Tech-Computational Science<br>
> Indian Institute of Science<br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr">Vedsar Kushwaha<div>M.Tech-Computational Science</div><div>Indian Institute of Science</div></div></div></div></div>
</div>