
Opening port 80 on Oracle Cloud Infrastructure Compute node [closed]

This is an elementary question, but one I cannot seem to resolve by perusing the Oracle Cloud Infrastructure documentation. I've created an Ubuntu-based compute node, and it's attached to a subnet. In that subnet I've created a stateful rule with source 0.0.0.0/0, IP protocol: TCP, Source Port Range: All, Destination Port Range: 80.

There is no firewall configured on the server.

Despite this configuration I can't access the compute node's public IP. Any ideas?

asked Feb 20 '19 19:02

Jason Gilmore




2 Answers

I figured it out. The connectivity issue was due to Oracle's default use of iptables on all Oracle-provided images. Literally the very first thing I did when spinning up this instance was check ufw, presuming there were a few firewall restrictions in place. The ufw status was inactive, so I concluded the firewall was locally wide open. Because to my understanding both ufw and iptables look at the netfilter kernel firewall, and because ufw is the de facto (standard?) firewall solution on Ubuntu, I've no idea why they concluded it made sense to use iptables in this fashion. Maybe just to standardize across all images?

I learned about the rules by running:

$ sudo iptables -L 

Then I saved the rules to a file so I could add the relevant ones back later:

$ sudo iptables-save > ~/iptables-rules 

Then I ran these rules to effectively disable iptables by allowing all traffic through:

$ sudo iptables -P INPUT ACCEPT
$ sudo iptables -P OUTPUT ACCEPT
$ sudo iptables -P FORWARD ACCEPT
$ sudo iptables -F

To clear all iptables rules at once, run this command:

$ sudo iptables --flush

Anyway, hope this helps somebody else out because documentation on the matter is non-existent.

answered Sep 21 '22 08:09

Jason Gilmore


When deploying compute instances at Oracle Cloud Infrastructure you need to take into account a few things:

  1. Create Internet Gateway (IGW).
  2. Define routes to point to IGW.
  3. Allow port 80 in the Security List associated with the IGW. By default you only have access to SSH and ICMP 3,4 type.
  4. Allow connectivity on Compute's instance firewall (which is enabled by default).

In your example, if you are using an OEL shape:

$ sudo firewall-cmd --zone=public --permanent --add-port=80/tcp
$ sudo firewall-cmd --reload

answered Sep 19 '22 08:09

IaaSgeek
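
Both answers come down to the instance's own packet filter dropping port 80 even though `ufw status` reports inactive. As an added example (not part of either answer), the script below reads `iptables-save` output, reports whether a TCP port is accepted before the first catch-all REJECT/DROP in the INPUT chain, and prints a single-rule insert instead of a full flush. The `sample_rules` ruleset is constructed, `check_port` and `advise` are hypothetical helper names, and only plain `-p tcp --dport N` ACCEPT rules are recognised.

```shell
#!/bin/sh
# Constructed sample in iptables-save format (not taken from the page).
sample_rules() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# check_port PORT: reads iptables-save output on stdin and prints "open", or
# "blocked N" where N is the INPUT position at which an ACCEPT rule must go.
# Simplification: ignores multiport, port ranges, negation and custom chains.
check_port() {
    awk -v port="$1" '
        /^\*/ { in_filter = ($1 == "*filter"); next }
        !in_filter { next }
        $1 == ":INPUT" { policy = $2; next }
        $1 != "-A" || $2 != "INPUT" { next }
        {
            n++
            bare = ($3 == "-j")   # rule with no match conditions at all
            if (bare && ($4 == "REJECT" || $4 == "DROP")) { print "blocked " n; found = 1; exit }
            if (bare && $4 == "ACCEPT") { print "open"; found = 1; exit }
            if ($0 ~ /-p tcp / && $0 !~ / -[si] / && $0 ~ /-j ACCEPT/ &&
                $0 ~ ("--dport " port "( |$)")) { print "open"; found = 1; exit }
        }
        END { if (!found) print (policy == "ACCEPT" ? "open" : "blocked " (n + 1)) }
    '
}

# advise PORT: turns the verdict into the one rule to add, leaving the rest intact.
advise() {
    status=$(check_port "$1")
    case $status in
        open)     echo "tcp/$1 is already accepted by the INPUT chain" ;;
        blocked*) echo "sudo iptables -I INPUT ${status#blocked } -p tcp --dport $1 -j ACCEPT" ;;
    esac
}

sample_rules | advise 80   # on a real host: sudo iptables-save | advise 80
```

A rule added with `iptables -I` lasts only until the next reboot unless the ruleset is saved and restored at boot.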