Hello,
I just tried to set up nixstats; so far so good, but when I reapplied my firewall rules it stopped working and hasn't updated for an hour now. Which ports do I need to open in my firewall to make it run?
If you have a DROP policy for outgoing connections, you need to open port 443 for OUTPUT with iptables.
# allow the agent's new outgoing HTTPS connection, then every later packet of connections conntrack already knows about, in both directions
iptables -A OUTPUT -p tcp --dport 443 -m state --state NEW -j ACCEPT
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
In most cases it makes little sense to restrict OUTPUT to DROP, because it takes a lot of rules to allow outgoing traffic for everything you host. However, if you like super restrictive systems you can keep DROP on all chains, but be ready to invest a lot of time in setting up your firewall for every new application you host.
Comments
I think you need to open outgoing connections to https
So port 443? I'm using ubuntu iptables.
I just drop incoming and forwarding. Outgoing is accepted.
You're fine then... I allow outgoing and block incoming with only ports 22, 80, 443 open - NixStats works fine.
@webcraft have you added rules that allow replies to established outgoing connections?
@vfuse That was the hint. I disabled it because of GameServers, I think. Now it's working fine. Thank you!
The agent just needs port 443 (https) to api.nixstats.com.
Glad I could help you. You really shouldn't block replies to already established outgoing connections. This will only bring problems, because you cannot receive replies to any of your outgoing requests (DNS, ping, etc.). Bad idea.
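The whole thread comes down to two conditions: the agent must be allowed to open a connection to api.nixstats.com on port 443, and the replies (plus the DNS lookup before it) must be let back in, which is exactly what a missing ESTABLISHED,RELATED rule breaks. The script below is an added example, not NixStats code and not anything posted in the thread. It parses `iptables -S` style output and walks the packets of one agent check-in through the INPUT and OUTPUT chains the way the kernel does (first matching terminal rule wins, otherwise the chain policy), so you can see which packet a given ruleset drops. The four rulesets, the interface name eth0, the ephemeral source ports and the DNS-lookup-then-HTTPS sequence are constructed assumptions; only the -p, -i/-o, --sport/--dport and --state/--ctstate matches are modelled, and the parser raises on anything else rather than guessing.

```python
"""Will an iptables ruleset let the NixStats agent reach api.nixstats.com:443 and get replies?
Added example, not NixStats code. Parses `iptables -S` output and walks one check-in's packets through
INPUT/OUTPUT as the kernel does; only -p, -i/-o, --sport/--dport and --state/--ctstate are modelled."""
import shlex
from dataclasses import dataclass, field
from typing import List, Optional, Set

TERMINAL = {"ACCEPT", "DROP", "REJECT"}
SETTERS = {"-p": "proto", "-i": "iface", "-o": "iface", "-j": "target"}

@dataclass
class Packet:
    chain: str
    proto: str
    sport: int
    dport: int
    state: str           # conntrack state: NEW, ESTABLISHED or RELATED
    iface: str = "eth0"  # assumed interface name

@dataclass
class Rule:
    proto: Optional[str] = None
    sport: Optional[int] = None
    dport: Optional[int] = None
    iface: Optional[str] = None  # -i on INPUT, -o on OUTPUT
    states: Set[str] = field(default_factory=set)
    target: str = ""

    def matches(self, pkt: Packet) -> bool:
        fixed = [(self.proto, pkt.proto), (self.sport, pkt.sport), (self.dport, pkt.dport), (self.iface, pkt.iface)]
        return all(want is None or want == got for want, got in fixed) and (not self.states or pkt.state in self.states)

def parse_ruleset(text: str):
    """Turn `iptables -S` lines into ({chain: policy}, {chain: [Rule, ...]})."""
    policies, chains = {}, {}
    for line in text.splitlines():
        toks = shlex.split(line)
        if toks and toks[0] == "-P":              # -P CHAIN POLICY
            policies[toks[1]] = toks[2]
        elif toks and toks[0] == "-A":            # -A CHAIN <matches> -j TARGET
            rule = Rule()
            for i in range(2, len(toks) - 1, 2):  # options come in (flag, value) pairs
                opt, arg = toks[i], toks[i + 1]
                if opt in SETTERS:
                    setattr(rule, SETTERS[opt], arg)
                elif opt in ("--sport", "--dport"):
                    setattr(rule, opt[2:], int(arg))
                elif opt in ("--state", "--ctstate"):
                    rule.states = set(arg.split(","))
                elif opt != "-m":                 # -m state/conntrack/tcp/udp only names the module
                    raise ValueError(f"unsupported option {opt!r} in: {line}")
            chains.setdefault(toks[1], []).append(rule)
    return policies, chains

def verdict(policies: dict, chains: dict, pkt: Packet) -> str:
    """First matching terminal rule decides, else the chain policy; LOG/user-chain targets fall through (not entered)."""
    for rule in chains.get(pkt.chain, []):
        if rule.matches(pkt) and rule.target in TERMINAL:
            return rule.target
    return policies.get(pkt.chain, "ACCEPT")

# Assumed packets of one check-in (DNS lookup, then HTTPS); to conntrack only a connection's first packet is NEW.
AGENT_SESSION = [
    ("DNS query out", Packet("OUTPUT", "udp", 40000, 53, "NEW")),
    ("DNS reply in", Packet("INPUT", "udp", 53, 40000, "ESTABLISHED")),
    ("TLS SYN out", Packet("OUTPUT", "tcp", 40001, 443, "NEW")),
    ("TLS SYN/ACK in", Packet("INPUT", "tcp", 443, 40001, "ESTABLISHED")),
    ("TLS data out", Packet("OUTPUT", "tcp", 40001, 443, "ESTABLISHED")),
]

def blocked_steps(ruleset: str) -> List[str]:
    """Names of agent packets the ruleset does not ACCEPT; an empty list means it can report."""
    policies, chains = parse_ruleset(ruleset)
    return [name for name, pkt in AGENT_SESSION if verdict(policies, chains, pkt) != "ACCEPT"]

# Constructed rulesets in `iptables -S` form, not taken from any real host.
# Incoming dropped, outgoing accepted, a few service ports open, nothing for replies:
BEFORE = """
-P INPUT DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
"""
# The same plus the reply rule vfuse asked about:
AFTER = BEFORE + "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT\n"
# Every chain DROP with only a NEW-only port-443 rule: the SYN gets out, nothing else does, and DNS is UDP.
STRICT_INCOMPLETE = """
-P INPUT DROP
-P OUTPUT DROP
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 443 -m state --state NEW -j ACCEPT
"""
STRICT_COMPLETE = STRICT_INCOMPLETE + """-A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -m state --state NEW -j ACCEPT
"""
if __name__ == "__main__":
    for label, rs in (("before", BEFORE), ("after", AFTER), ("strict", STRICT_INCOMPLETE), ("strict+", STRICT_COMPLETE)):
        print(label, "blocked:", blocked_steps(rs) or "nothing")
```

Run as a script it reports that the "before" ruleset drops the DNS reply and the TLS SYN/ACK, the "after" ruleset drops nothing, and the all-DROP ruleset with a NEW-only rule still loses the DNS query and every HTTPS packet after the SYN until the OUTPUT ESTABLISHED,RELATED and UDP 53 rules are added. To check your own host, paste the output of `iptables -S` into `blocked_steps`; the parser refuses options it does not model instead of silently passing them.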