Iptables confuses me, can someone give me the command to open outgoing ssl connections from the server on port 443?
It's used by a script on the server, currently when I execute it on port 80 it works fine, on port 443 it just hangs so I'm assuming the port's not open for outgoing connections.
-
Add line in /etc/sysconfig/iptables:
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 443 -j ACCEPT
And run command:
iptables -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 443 -j ACCEPT
Joe Pilon : great thanks for the commands!
From bindbn
-
Presumably you have a script running on your own server that is making some connection to 1) a web server remotely, at either http port 80 or https on port 443, or 2) the script is connecting back to a web server running on the local server at port 80 or 443.
By the sound of your description, "on port 443 it just hangs", you are able to make a TCP connection to port 443, but somehow the SSL protocol negotiation fails or some other problem occurs.
To test this you can do something like this from the command line:
# telnet www.yourservergoeshere.com 443
Trying 74.125.227.18...
Connected to www.l.google.com.
Escape character is '^]'.
and see whether it actually connects to the remote 443 port. If you get the message
connected to www.someserver.com
then the issue is not your iptables.
If so, it is more likely to be whatever is in your script being unable to talk SSL/HTTPS.
If the default INPUT rule for your iptables is DROP, then you might get your script waiting for the TCP timeout length before failing to connect.
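The check this answer describes, taken one step past telnet, as an added example that is not part of the original post: it separates a TCP connection that is dropped or refused from a TLS handshake that fails or stalls once the connection is made. The function name `diagnose` and the result labels are chosen here for illustration.

```python
import socket
import ssl
import sys


def diagnose(host, port=443, timeout=5.0):
    """Say whether an outbound HTTPS failure is at the TCP layer or the TLS layer."""
    # Step 1: plain TCP connect, the same check as `telnet host 443`.
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except socket.timeout:
        # No reply at all: typical of packets being silently dropped,
        # for example by a DROP policy on the path.
        return "tcp_timeout"
    except ConnectionRefusedError:
        # A reset came back: nothing is listening, or a REJECT rule answered.
        return "tcp_refused"
    except OSError as exc:
        return "tcp_error: %s" % exc

    # Step 2: TCP works, so the port is reachable. Now attempt the TLS
    # handshake with certificate and hostname verification enabled.
    ctx = ssl.create_default_context()
    try:
        with sock:
            sock.settimeout(timeout)
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                return "tls_ok: %s" % tls.version()
    except ssl.SSLCertVerificationError as exc:
        return "tls_cert_error: %s" % exc.verify_message
    except ssl.SSLError as exc:
        return "tls_handshake_failed: %s" % exc.reason
    except OSError as exc:
        # Includes the handshake timing out: connected, but the peer never
        # answers the ClientHello, which looks like "it just hangs".
        return "tls_stalled: %s" % exc


if __name__ == "__main__":
    # Usage: python3 diagnose.py <host> [port]
    target_port = int(sys.argv[2]) if len(sys.argv) > 2 else 443
    print(diagnose(sys.argv[1], target_port))
```

A `tcp_*` result points at the network path or firewall; a `tls_*` result means the connection itself was made and the problem is in the SSL/HTTPS layer.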