Netgate Discussion Forum

    Need another brain... "connection refused"...

    • paulparisi

      Need another brain on this... have a longtime working pfSense firewall.

      I have an RSync server behind it that is being used from several locations. I am actively transferring data using RSync to and from several remote hosts. I have one Linux host where I get a "connection refused" - both using RSync and trying "telnet remote.host.com 873". I do the same thing from another site and it connects fine. I can connect to other ports (FTP) from the command line "telnet remote.host.com 21" on both machines.

      I have no rules that are set to block one IP.

      Any pointers would be GREATLY appreciated!

      Thanks,
      Paul.

      • Derelict LAYER 8 Netgate

        Connection refused means that something is returning a RST instead of a SYN/ACK when the connection is attempted. A pfSense firewall rule will not do this unless a REJECT rule is explicitly defined. The default behavior is to simply drop blocked traffic, not reply with a RST (the client will hang and time out, not report Connection refused).

        Something somewhere is rejecting the connection instead of accepting it.

        With the information provided that's the best I can do.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        • paulparisi

          Ah - ok - any suggested next steps for troubleshooting?

          • Derelict LAYER 8 Netgate

            Find out what is rejecting the connection. You might need to packet capture. I would start at the pfSense interface at the server side. See if the SYN is being sent to the server and a RST / RST/ACK is being returned. If so, go to the server and figure out why it is rejecting the connections. The server logs might help here.

            If not, then walk the packet captures back one hop at a time toward the client (pfSense WAN would likely be next) until you find the RST being returned, or the SYN not arriving at all (meaning something upstream is doing it.)

            You might need to look at the client side.


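The capture walk described in the reply above (start at the server-side interface, then move one hop at a time toward the client), as an added example that is not part of the original thread. It assumes each capture was saved as `tcpdump -n` text and that NAT does not translate the port; `classify`, `locate` and the sample captures are constructed for illustration.

```python
import re

# Matches `tcpdump -n` text output, e.g.
# "10:00:01.0001 IP 198.51.100.7.40112 > 192.168.1.20.873: Flags [S], seq ..."
LINE = re.compile(r"IP \S+\.(\d+) > \S+\.(\d+): Flags \[([A-Z.]+)\]")

def classify(capture_text, port):
    """What happened to SYNs for `port` at one capture point."""
    syn = synack = rst = False
    for sport, dport, flags in LINE.findall(capture_text):
        if int(dport) == port and flags == "S":
            syn = True
        elif int(sport) == port and flags == "S.":
            synack = True
        elif int(sport) == port and "R" in flags:
            rst = True
    if not syn:
        return "no-syn"      # SYN never reached this capture point
    if synack:
        return "accepted"    # handshake answered here
    return "rst" if rst else "no-reply"  # no-reply: silent drop, client times out

def locate(captures, port):
    """captures: [(name, text)] ordered from the server side toward the client.
    Returns (hop, verdict, toward_server): the first hop, walking back from the
    server, where the SYN is visible, what came back there, and the neighbour on
    its server side. The reply was generated between those two points."""
    toward_server = "server"
    for name, text in captures:
        verdict = classify(text, port)
        if verdict != "no-syn":
            return name, verdict, toward_server
        toward_server = name
    return None, "no-syn", toward_server  # lost upstream of the last hop checked

# Constructed sample captures (documentation addresses), not from the thread.
LAN_QUIET = ("10:00:00.900000 IP 192.168.1.20.22 > 192.168.1.5.50522: "
             "Flags [P.], seq 1:37, ack 1, win 501, length 36\n")
LAN_REJECT = ("10:00:01.000150 IP 198.51.100.7.40112 > 192.168.1.20.873: "
              "Flags [S], seq 1000, win 64240, length 0\n"
              "10:00:01.000300 IP 192.168.1.20.873 > 198.51.100.7.40112: "
              "Flags [R.], seq 0, ack 1001, win 0, length 0\n")
WAN_REJECT = LAN_REJECT.replace("192.168.1.20", "203.0.113.10")

if __name__ == "__main__":
    print(locate([("LAN", LAN_REJECT), ("WAN", WAN_REJECT)], 873))
    print(locate([("LAN", LAN_QUIET), ("WAN", WAN_REJECT)], 873))
    print(locate([("LAN", LAN_QUIET), ("WAN", "")], 873))
```

A result of `(None, "no-syn", "WAN")` corresponds to the SYN not arriving at the pfSense WAN at all, which points at something between the client and that interface.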
            • paulparisi

              The "problem" host is a Bluehost shared hosting account [host1] - it may be that client. The thing is that I have another Bluehost shared hosting account [host2] (on a different box) that it works on.

              I am able to make FTP connections from Host1 and Host2... so maybe BH has 873 outbound blocked on Host1. Does that sound plausible?

              • Derelict LAYER 8 Netgate

                Something is rejecting the connection. What it is would be just a guess without tests being conducted. No experience with Bluehost. Sorry.

                If the SYN leaves the client and does not arrive at the pfSense WAN, then something between the client and that interface is blocking it.

                • Gertjan

                  When you talk about FTP, then port 21, among others, gets involved.
                  rsync, normally, runs over port 22 - or whatever port (SSH?) you chose server side.

                  No "help me" PM's please. Use the forum, the community will thank you.
                  Edit : and where are the logs ??

                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.