0

I have a VPS instance running FreeBSD. I started a simple web server on port 80.

When I am ssh'd into the server, I can reach the server:

$ curl <server-ip-address>
hello

However, when I try to connect on my own device:

$ curl http://<server-ip-address>
curl: (28) Failed to connect to <server-ip-address> port 80 after 8710 ms: Couldn't connect to server

I have searched on how to fix it, but have thusfar not been able to solve it.

Here's some information that might be useful:

  • Running ifconfig vtnet0 returns inet <server-ip-address>
  • This IP address is the same address as my VPS provides shows in the server management tool
  • My firewall (using pf) (pf.conf):
## Set public interface ##
ext_if = "vtnet0"

## Set server public IP address
ext_if_ip = "<server-ip-address>"

## Set and drop IP ranges on public interface ##
martians = "{ 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, \
              10.0.0.0/8, 169.254.0.0/16, 192.0.2.0/24, \
              0.0.0.0/8, 240.0.0.0/4 }"

## Set http (80) and https (443) ports ##
webports = "{http, https}"

## enable services ##
int_tcp_services = "{domain, ntp, smtp, www, https, ftp, ssh}"
int_udp_services = "{domain, ntp}"

## Skip loop back interface ##
set skip on lo

## Sets the interface for which PF should gather statistics such as bytes in/o
set loginterface $ext_if

## Set default policy ##
block return in log all
block out all

# Drop all Non-Routable Addresses
block drop in quick on $ext_if from $martians to any
block drop out quick on $ext_if from any to $martians

## Blocking spoofed packets
antispoof quick for $ext_if

# Allow SSH from any IP address
pass in inet proto tcp to $ext_if port ssh

# Allow Ping-Pong stuff. Be a good sysadmin
pass inet proto icmp icmp-type echoreq

# All access to our Nginx/Apache/Lighttpd Webserver ports
pass proto tcp from any to $ext_if port $webports

# Allow essential outgoing traffic
pass out quick on $ext_if proto tcp to any port $int_tcp_services
pass out quick on $ext_if proto udp to any port $int_udp_services
  • Last 2 entries of tcpdum -n -e -ttt -r /var/log/pflog
 00:01:06.020635 rule 0/0(match): block in on vtnet0: <some-ip-address (not mine)> > <server-ip-address>: Flags [S], seq 3213013147, win 64240, options [mss 1460, [|tcp]
 00:02:17.580326 rule 0/0(match): block in on vtnet0: <some-ip-address (not mine)> > <server-ip-address>: Flags [S], seq 3170210564, win 65535, length 0

Any help is much appreciated as I've hit a roadblock on trying to fix this.

Improve this question
4
  • Does that simple web server listen on <server-ip-address>? Commented Sep 13, 2024 at 15:33
  • @Henriksupportsthecommunity It does. I started the web server like so: python -m http.server -b <server-ip-address> 80. Curl-ing to the ip address on the server gives a response, on my local machine it does not. Commented Sep 13, 2024 at 16:20
  • @schrodingerscatcuriosity thanks for the heads up, I edited my post Commented Sep 13, 2024 at 16:24
  • But curl localhost that you show is not curl-ing the ip address, and I don't know pythons http.server module, so I can't tell if that is the right way to start that. But I maintain that what you show is consistent with a server process only listening on 127.0.0.1 and not on the ip address of the server. Commented Sep 14, 2024 at 12:55

0

Reset to default

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.