# Cannot open a port (80)



## hernysun (Jul 15, 2009)

I have config for a few days and can't find out what is the problem here.
I have try modify the /etc/rc.conf
flush the firewall rules
and allow packet to enter port 80
still don't work

I test it by:
I go to http://www.canyouseeme.org/ and check if port 80 is open it said connection refused.

I am using FreeBSD 7.2 behind a DIR-605 router
Can you tell me exactly how to open it?

thx
hen


----------



## SirDice (Jul 15, 2009)

You'll need to open and forward the port on your router too.


----------



## mk (Jul 15, 2009)

is anything listen on that port ?


----------



## hernysun (Jul 15, 2009)

SirDice said:
			
		

> You'll need to open and forward the port on your router too.



I have handle that on DLink... set the router to forward the port 80 to freebsd internal address port 80


----------



## hernysun (Jul 15, 2009)

mk said:
			
		

> is anything listen on that port ?



don't understand how to listen(what command)?


----------



## mk (Jul 15, 2009)

"listen to a port" mean that there is service like apache waiting connections on that port. if you don't have any service binding on that port then the port is closed, thus connection refused


----------



## DutchDaemon (Jul 15, 2009)

[cmd=]sockstat -4p 80[/cmd]

Anything there?


----------



## hernysun (Jul 15, 2009)

```
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
usrac    firefox-bi 3764  53 tcp4   192.168.0.103:65236   64.233.189.147:80
usrac    firefox-bi 3764  54 tcp4   192.168.0.103:64128   64.233.189.99:80
usrac    firefox-bi 3764  57 tcp4   192.168.0.103:62092   64.233.189.104:80
usrac    firefox-bi 3764  60 tcp4   192.168.0.103:49557   64.233.189.104:80
usrac    firefox-bi 3764  61 tcp4   192.168.0.103:63102   64.233.189.104:80
```


----------



## hernysun (Jul 15, 2009)

root display

```
]USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
usrac    firefox-bi 3764  53 tcp4   192.168.0.103:61333   64.233.189.100:80
usrac    firefox-bi 3764  60 tcp4   192.168.0.103:61176   74.125.11.92:80
```


----------



## DutchDaemon (Jul 15, 2009)

So nothing is listening on _your_ port 80. That makes it rather hard to connect to it.


----------



## SirDice (Jul 15, 2009)

There's no service listening on port 80. You will need to install www/apache22 or any of the other webservers if you want to serve something on port 80.


----------



## DutchDaemon (Jul 15, 2009)

For testing purposes, run this command on your machine: [cmd=]nc -l 80[/cmd]. This will 'hang', don't panic. From another machine, telnet to your machine's port 80, and type 'hello'. You should see 'hello' on both sides. At least you'll know that the connection is possible. Close the telnet session with [cmd=]^][/cmd] and [cmd=]Ctl-d[/cmd]. That will also close the nc listener.


----------



## hernysun (Jul 15, 2009)

ubuntu@ubuntu-desktop:~$ telnet 192.168.0.103 80
Trying 192.168.0.103...
telnet: Unable to connect to remote host: Connection refused


----------



## hernysun (Jul 15, 2009)

can you plz tell me step by step (from the begining) how to open port 80

thx
hen


----------



## SirDice (Jul 15, 2009)

Maybe you should read up on the basics of TCP/IP a bit?


----------



## hernysun (Jul 15, 2009)

SirDice said:
			
		

> Maybe you should read up on the basics of TCP/IP a bit?



Do TCP/IP packet control in /etc/pf.conf?


----------



## SirDice (Jul 15, 2009)

No, I mean the real basics like the three-way handshake.


----------



## DutchDaemon (Jul 15, 2009)

What do you actually expect to find on your own port 80? You must have a reason to try to connect to it. Simply 'opening port 80' will not perform a magic trick and create a website ..


----------



## phoenix (Jul 15, 2009)

You can't "open a port" until you install a program to listen on that port.  IOW, unless you install Apache and write a webpage, you won't have anything to connect to.


----------



## DutchDaemon (Jul 15, 2009)

hernysun said:
			
		

> ubuntu@ubuntu-desktop:~$ telnet 192.168.0.103 80
> Trying 192.168.0.103...
> telnet: Unable to connect to remote host: Connection refused



Was this when [cmd=]nc -l 80[/cmd] was running on 192.168.0.103?


----------



## hernysun (Jul 16, 2009)

DutchDaemon said:
			
		

> What do you actually expect to find on your own port 80? You must have a reason to try to connect to it. Simply 'opening port 80' will not perform a magic trick and create a website ..



I am try to open a web server with apache, but the server won't go online, so i reinstall freebsd and try to open port 80 right now


----------



## hernysun (Jul 16, 2009)

phoenix said:
			
		

> You can't "open a port" until you install a program to listen on that port.  IOW, unless you install Apache and write a webpage, you won't have anything to connect to.



I have install apache before and i could link to it with localhost
but not from someone outside


----------



## hernysun (Jul 16, 2009)

DutchDaemon said:
			
		

> Was this when [cmd=]nc -l 80[/cmd] was running on 192.168.0.103?



yeah my freebsd machine internal ip is 192.168.0.103


----------



## hernysun (Jul 16, 2009)

just installed apache
and i run sockstat -4p 80
got this:


```
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
www      httpd      11369 3  tcp4 6 *:80                  *:*
www      httpd      11368 3  tcp4 6 *:80                  *:*
www      httpd      11367 3  tcp4 6 *:80                  *:*
www      httpd      11366 3  tcp4 6 *:80                  *:*
www      httpd      11365 3  tcp4 6 *:80                  *:*
root     httpd      11364 3  tcp4 6 *:80                  *:*
```


----------



## SirDice (Jul 16, 2009)

That's good. Now there's something listening on port 80.


----------



## hernysun (Jul 26, 2009)

SirDice said:
			
		

> That's good. Now there's something listening on port 80.



yeah but still no one else could connect to my computer to visit my site


----------



## DutchDaemon (Jul 26, 2009)

Three possible causes:
1. The router is not forwarding port 80, or blocking it actively (internal firewall?)
2. The server has a firewall blocking port 80
3. The ISP is blocking port 80 (not uncommon on consumer Cable/DSL)

Running [cmd=]tcpdump -li $nic dst port 80[/cmd] can reveal incoming http traffic.

And another possibility:
1. You _think_ it doesn't work. Are you actually running Apache/2.2.11 (Ubuntu) PHP/5.2.6-3ubuntu4.1 with Suhosin-Patch? Then it works. At least, that's the banner on the IP address you're posting from. The web page itself says 'It Works!', which is the standard Apache page for new installs. Why it's Ubuntu .. no one knows.


----------



## best (Jul 30, 2009)

DutchDaemon said:
			
		

> Three possible causes:
> 2. The server has a firewall blocking port 80



based on that possibility, in freebsd 7.X (that i use), add this line in /etc/pf.conf


```
pass in quick on $ext_if inet proto {tcp, udp} from any to $external_addr \
           port 80 flags S/SA keep state
```

hope this will help you.

B.R.
best


----------



## DutchDaemon (Jul 30, 2009)

Please don't use color tags, use 
	
	



```
.
```


----------

