Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Which ports open for Nixstats?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Which ports open for Nixstats?

Hello,
I just tried to setup nixstats, so far so good but when I reapplied my firewall rules it stopped working and didn't update for an hour now. Which ports do I need to open in my firewall to make it running?

Thanks.

Comments

  • nfnnfn Veteran

    I think you need to open outgoing connections to https

  • @nfn said:
    I think you need to open outgoing connections to https

    So port 443? I'm using ubuntu iptables.

  • lamronlamron Member
    edited January 2016

    If you see DROP policy for outgoing connections you need to open port 443 for OUTPUT with iptables.

    iptables -A OUTPUT -p tcp --sport 443 -m state --state NEW -j ACCEPT
    iptables -A OUTPUT -p tcp --dport 443 -m state --state NEW -j ACCEPT

    In most cases it makes little sense to restrict OUTPUT to DROP because it involves a lot of rules to allow outgoing traffic for all you host. However if you like super restrictive systems you can keep DROP on all chains but be ready to invest a lot of time in setup up your firewall of every new application you host.

  • @lamron said:
    If you see DROP policy for outgoing connections you need to open port 443 for OUTPUT with iptables.

    iptables -A OUTPUT -p tcp --sport 443 -m state --state NEW -j ACCEPT
    iptables -A OUTPUT -p tcp --dport 443 -m state --state NEW -j ACCEPT

    In most cases it makes little sense to restrict OUTPUT to DROP because it involves a lot of rules to allow outgoing traffic for all you host. However if you like super restrictive systems you can keep DROP on all chains but be ready to invest a lot of time in setup up your firewall of every new application you host.

    I just drop incoming and forwarding. Outgoing is accepted.

  • sinsin Member

    webcraft said: I just drop incoming and forwarding. Outgoing is accepted.

    You're fine then...I allow outgoing and block incoming with only ports 22, 80, 443 open - NixStats works fine.

  • @webcraft have you added rules that allow replies to established outgoing connections?

    Thanked by 1webcraft
  • MikePTMikePT Moderator, Patron Provider, Veteran
    Thanked by 1vfuse
  • @lamron said:
    webcraft have you added rules that allow replies to established outgoing connections?

    That was the hint. I disabled it because of GameServers I think. Now it's working fine. Thank you! :)

  • vfusevfuse Member, Host Rep

    The agent just needs port 443 (https) to api.nixstats.com.

    Thanked by 2netomx webcraft
  • Glad I could help you. You really shouldn't block replies by already established outgoing connections. This will only bring problems because you cannot receive replies to any of your going requests (DNS, ping and etc...). Bad idea.

Sign In or Register to comment.