Some ports are not working
-
Hello guys, i have 2 ports opened, that are, 25565 and 25566, on firewall of my server have these ports enabled in protocol TCP, but 25565 works perfectly but 25566 doesnt works. Someone have idea why?
-
@johnpoz that a good guy maybe can help me?
-
Go through the troubleshooting steps just like you would do if only 1 port.
https://docs.netgate.com/pfsense/en/latest/nat/port-forward-troubleshooting.htmlGuessing this has to do with minecraft?
-
@0rangeFox said in Some ports are not working:
Someone have idea why?
Show us your related NAT "25566" rules and some one will see what is wrong ^^
-
Yes is minecraft server. I think the problem is from server CentOS 7, im using Docker, but it is working for 25565 and on 25566 are blocking, im using the tool portfowarding test on pfSense, and other ports show are open and only 25566 is closed.
-
Pfsense can forward the traffic all day, but if the dest server doesn't answer for whatever reason it would show closed.
-
@johnpoz But any idea, why on CentOS 7 are closing the port 25566? If i can use 25565 or 65535 without problems, but why these port is closed? Can provide some commands to test or debug it?
-
Now, if the application using both ports runs within a docker container, you have to set up docker with both, did you?
-
You will prob get better help over on docker/centos and or your minecraft forums for running servers in docker.
While I have a couple of things that run in docker on my nas.. I am not a fan of it to be honest, and have no real exp with it.. So I wouldn't be much help at all.. Now if you were running your dockers on synology nas and it was something I could fire up to test with I might be able to help you figure out where your issue is..
Maybe some other here will be able to help, should prob move this to general section since not a port forwarding question about pfsense, but more why is docker not listening on port xyz.
-
@0rangeFox said in Some ports are not working:
25565 and 25566
If you have NATted port 25565 to a LAN IP - port 25565 - AND some process is actually listening on the port/IP
AND the LAN IP devices hasn't some firewall that blocks
THEN ...
same thing for the 25566 port.
Btw : I have no device that listens on my LAN these ports - so I rerouted port to port 80 (a web server - I know it works because I can visit it with my browser) on my NAS. Same thing for port 25566 that I rerouted to port 443 on the same NAS.
Also : I have a router in front of my pfSense, so I had to NAT on that device also for the 2 ports.
-
@Gertjan but on my pfSense, everything is open, i believe is because on CentOS 7 are blocking the ports, i dont see how to fix it.
-
I don't use CentOS, but did you lookup how to open ports on that operating system?
https://www.rootusers.com/how-to-open-a-port-in-centos-7-with-firewalld/
And, here's specifically a Minecraft server on CentOS:
https://linuxize.com/post/how-to-install-minecraft-server-on-centos-7/Did you get all of that setup correctly?
Jeff
-
@akuma1x Yes i did everything correct.
-
Don't take this the wrong way but users say they did XYZ all the time, and then they post up picture of what they actually did and its ABC or XYQ ;)
Do a simple netstat on your centos box - do you see it listening on that port?
Is docker doing the correct forwarding? etc.. As I stated earlier you prob get better help for centos and docker and minecraft over on their forums.
Pfsense just send the traffic on - if nothing answer nothing pfsense can do about that.
-
@johnpoz No problem, thanks for all people who tried to help me.
-
You might find someone here that is running what your running and could help you.. Don't give up all hope ;)
But the people that come here are more focused on details of how to do xyz with pfsense, and not the nuts and bolts of how to do xyz on centos or minecraft or docker..
While sure there is going to be many here that use those things, etc. But going to be far less then the people you find on the forums that are focused specifically on those things, etc.
-
even if "this has zero to do with pfSense"
i can give you a couple of suggestion to trysudo setenforce 0 firewall-cmd --permanent --zone=internal --set-target=ACCEPTand check if it work
