Since my implementation require listening to different ports for different
client, I’ll need to expose those ports in my remote server in DigitalOcean.
Long story short, it took me a while to figure out that the server is
iptables to block any incoming traffic from other ports.
We can verify this by using the following
[email protected]:~$ sudo iptables --list Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ACCEPT tcp -- anywhere anywhere tcp dpt:http ACCEPT tcp -- anywhere anywhere tcp dpt:https ACCEPT icmp -- anywhere anywhere ACCEPT udp -- anywhere anywhere udp spt:ntp ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED LOG all -- anywhere anywhere limit: avg 15/min burst 5 LOG level debug prefix "Dropped by firewall: " DROP all -- anywhere anywhere
As you can see, some of the ports allowed are for the
protocol. To expose other ports, we need to add a new rule under the
sudo iptables -I INPUT -p tcp -m tcp --dport 3001 -j ACCEPT
With this change, now I could reach the service I’m running on port 3001 by specifiying the port number by the end of the url:
(This is still needed as port 80 is used for
http by default.)
If you would like to learn more about
have some good resources to get started:
- Iptables Essentials: Common Firewall Rules and Commands
- How To List and Delete Iptables Firewall Rules