How to open port 8000 on Ubuntu 12.04?

markwest picture markwest · Mar 5, 2014 · Viewed 9.5k times · Source

On my Ubuntu 12.04 VM an app (Tryton) is running correctly on port 8000, when used locally. However, from outside I cannot connect to port 8000 via Internet. (Beforehand, I was using Windows Azure which has a user-friendly endpoint configuration.)

Netstat, run locally, reports the port as listening: (I've called this VM "NoConnection", to distinguish from below)

root@NoConnection:~# netstat -tupan | grep 8000
tcp        0      0 127.0.0.1:8000          0.0.0.0:*               LISTEN
10051/python
tcp        0      0 127.0.0.1:8000          127.0.0.1:58160         ESTABLISHED
10051/python
tcp        0      0 127.0.0.1:58160         127.0.0.1:8000          ESTABLISHED
10860/python

Checking locally with nmap seems ok as well:

root@NoConnection:~# nmap -v -A -PN localhost

Starting Nmap 5.21 ( http://nmap.org ) at 2014-03-05 09:55 EST
NSE: Loaded 36 scripts for scanning.
Initiating SYN Stealth Scan at 09:55
Scanning localhost (127.0.0.1) [1000 ports]
Discovered open port 22/tcp on 127.0.0.1
Discovered open port 3389/tcp on 127.0.0.1
Discovered open port 8000/tcp on 127.0.0.1
Discovered open port 631/tcp on 127.0.0.1
Discovered open port 5432/tcp on 127.0.0.1
Discovered open port 5910/tcp on 127.0.0.1
Completed SYN Stealth Scan at 09:55, 0.03s elapsed (1000 total ports)


PORT     STATE SERVICE       VERSION
22/tcp   open  ssh           OpenSSH 5.9p1 Debian 5ubuntu1.1 (protocol 2.0)
631/tcp  open  ipp           CUPS 1.5
3389/tcp open  microsoft-rdp xrdp
5432/tcp open  postgresql    PostgreSQL DB
5910/tcp open  vnc           VNC (protocol 3.8)
8000/tcp open  http-alt?

Port 8000 is Tryton ERP by the way, but nmap doesn't know that.

However, a nmap scan from a different machine *does not* find the open port:

root@WorksRight:~# nmap -v -A -PN IP_of_NoConnect_VM

Starting Nmap 5.21 ( http://nmap.org ) at 2014-03-05 15:00 UTC
NSE: Loaded 36 scripts for scanning.
Initiating Parallel DNS resolution of 1 host. at 15:00
Completed Parallel DNS resolution of 1 host. at 15:00, 0.08s elapsed
Initiating SYN Stealth Scan at 15:00
Scanning IP_of_NoConnect_VM [1000 ports]
Discovered open port 22/tcp on IP_of_NoConnect_VM
Discovered open port 3389/tcp on IP_of_NoConnect_VM
Discovered open port 5910/tcp on IP_of_NoConnect_VM
Completed SYN Stealth Scan at 15:00, 0.13s elapsed (1000 total ports)

I guess this is something not particular to the Tryton App, but to the way the Linux VM is set up with its ports.

For reference, on a working, different VM (on Windows Azure) where Tryton is configured correctly and accessible via Port 8000, the netstat output for port 8000 reads:

root@WorksRight:~# netstat -tupan | grep 8000
tcp6       0      0 :::8000                 :::*                    LISTEN
1310/python
tcp6       0      0 127.0.0.1:8000          127.0.0.1:36818         TIME_WAIT
-
tcp6       0      0 127.0.0.1:8000          127.0.0.1:36820         TIME_WAIT
-
tcp6       0      0 127.0.0.1:8000          127.0.0.1:36814         TIME_WAIT
-
tcp6       0      0 127.0.0.1:8000          127.0.0.1:36813         TIME_WAIT
-

And on the not-connecting VM it shows:

root@NoConnection:~# netstat -tupan | grep 8000
tcp        0      0 127.0.0.1:8000          0.0.0.0:*               LISTEN
10051/python
tcp        0      0 127.0.0.1:8000          127.0.0.1:58160         ESTABLISHED
10051/python
tcp        0      0 127.0.0.1:58160         127.0.0.1:8000          ESTABLISHED
10860/python

And of course, yes, I have checked, both machines have the port open in the application-specific trytond.conf file:

#This file is part of Tryton.  The COPYRIGHT file at the top level of
#this repository contains the full copyright notices and license terms.
[options]

# Activate the json-rpc protocol
jsonrpc = *:8000

Answer

markwest picture markwest · Mar 6, 2014

As it turned out, the application server had just not restarted correctly and hence not read in the changes to the config file.

The more detailed answer is here: Tryton client doesn't connect via Internet port 8000.