AWS Lightsail Firewall doesn't open a port or something else is blocking it

0

Hello,
The Lightsail Firewall is unable to open a specific port. I searched for this issue in the forums and there are several issues like this one, but none of them has a valid solution for me.
I'm setting up my first Lightsail instance with Ubuntu 20.04 LTS and already installed Odoo and PostgreSQL. In the Lightsail firewall I opened 2 additional ports for any IP address: 8069 for the Odoo application and 5432 for PostgreSQL. I can access the Odoo application but I am unable to access the PostgreSQL service. I'm trying to open the PostgreSQL port (5432) in the Networking > Firewall section (I did the same for 8069) but it seems it doesn't take any effect. I tried https://www.yougetsignal.com/tools/open-ports/ to test if the port is OPEN or CLOSED. On both the public and private IP, ports 22, 80 and 8069 are open. I’m pretty sure that there is a local firewall blocking incoming connections, in which case opening the port through the Lightsail firewall isn't sufficient. I tried connecting to the port locally from the server with “telnet 127.0.0.1 5432” and it worked, but the same command using the external IP address didn’t.
I listed the active services running and ufw is active, but “sudo ufw status” says inactive, so ufw is running but not blocking anything (I hope). I don’t identify any other service as a firewall (my only suspect is apparmor but I don't know how it works).
service --status-all

  • acpid : Advanced Configuration and Power Interface (ACPI) event daemon
  • apparmor : Linux kernel security module
  • apport : Apport intercepts program crashes
  • atd : runs jobs queued
  • console-setup.sh
  • cron : scheduler
  • cryptdisks
  • cryptdisks-early
  • dbus : message bus daemon
  • grub-common : Bootloader
  • hibagent
  • hwclock.sh
  • irqbalance
  • iscsid
  • keyboard-setup.sh
  • kmod : control kernel
  • lvm2
  • lvm2-lvmpolld
  • multipath-tools : configure multiple I/O paths between server nodes and storage arrays
  • odoo : Application
  • open-iscsi
  • open-vm-tools
  • plymouth
  • plymouth-log
  • postgresql : Database
  • procps : utilities for pseudo-filesystem
  • rsync
  • rsyslog : for logging
  • screen-cleanup
  • ssh
  • sysstat : system stats
  • udev : device management
  • ufw : <<<Firewall
  • unattended-upgrades
  • uuidd
  • x11-common
asked 3 years ago, 1241 views
2 Answers
0

I just found out the problem. To make PostgreSQL available to an external IP there are two items to configure: postgresql.conf and pg_hba.conf. Some sort of script or whatever is commenting out the line with the Public IP address in the postgresql.conf. When I restart the PostgreSQL service, I can connect from my local PGAdmin4, but if I reboot the instance, "something" is commenting the line with the Public IP address. Now I have to find the guilty "something", I think I can figure it out.

answered 3 years ago
0

In addition to the two files you already mentioned, have you also taken a look at whether your settings are being overridden by config in postgresql.auto.conf? Settings in postgresql.auto.conf will override those in postgresql.conf (more docs about that config file here: https://www.postgresql.org/docs/13/config-setting.html#CONFIG-SETTING-CONFIGURATION-FILE).

A cursory Google search also turns this up, if this helps: https://dba.stackexchange.com/questions/180177/postgres-seems-to-ignore-listen-addresses-setting

AWS
answered 3 years ago
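The override order discussed in the two answers above, as an added example that is not part of the original thread: a small Python resolver that reports which file and line supplies the effective `listen_addresses`, covering both the `postgresql.auto.conf` override and the commented-out line. The function names, the sample file contents and the address 203.0.113.10 are constructed for illustration, and `include` directives are not followed.

```python
import re
import tempfile
from pathlib import Path

# One active assignment: name [=] value. A value is 'quoted' ('' escapes a quote)
# or a bare token; a line starting with # never matches, so it is ignored.
_SETTING = re.compile(
    r"^\s*([A-Za-z_][\w.]*)\s*(?:=\s*|\s+)('(?:[^']|'')*'|[^\s#']+)\s*(?:#.*)?$"
)

def effective_setting(name, conf_files):
    """Return (value, file name, line number) of the assignment that wins, or None.

    conf_files must be in the server's read order: postgresql.conf first,
    postgresql.auto.conf last. Within that order the last assignment wins.
    include / include_dir directives are not followed (simplification).
    """
    winner = None
    for path in map(Path, conf_files):
        if not path.exists():
            continue
        for line_no, line in enumerate(path.read_text().splitlines(), 1):
            m = _SETTING.match(line)
            if m and m.group(1).lower() == name.lower():
                value = m.group(2)
                if value.startswith("'"):
                    value = value[1:-1].replace("''", "'")
                winner = (value, path.name, line_no)
    return winner

def demo():
    """Constructed sample files; 203.0.113.10 is a documentation address."""
    d = Path(tempfile.mkdtemp())
    main, auto = d / "postgresql.conf", d / "postgresql.auto.conf"
    main.write_text(
        "#listen_addresses = 'localhost'\n"
        "listen_addresses = '203.0.113.10,localhost'  # edited by hand\n"
        "port = 5432\n"
    )
    auto.write_text("# Do not edit this file manually!\nlisten_addresses = 'localhost'\n")
    overridden = effective_setting("listen_addresses", [main, auto])
    # Second case: the hand-edited line has been commented out again.
    main.write_text("#listen_addresses = '203.0.113.10,localhost'\nport = 5432\n")
    auto.write_text("# Do not edit this file manually!\n")
    commented = effective_setting("listen_addresses", [main, auto])
    return overridden, commented

if __name__ == "__main__":
    for result in demo():
        # None means no active line, so the built-in default (localhost) applies.
        print(result)
```

On a running server the same answer comes from `SELECT name, setting, sourcefile, sourceline FROM pg_settings WHERE name = 'listen_addresses';`, which also accounts for included files.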
