CODEWITHSUNDEEP
linuxnode.jshttpnetwork-programmingtcp
Marcus
Marcus

Reputation: 3797

Node.js http server not available via browser on internal/private network

I'm running a "hello world" http server using node.js on Fedora 20.

I can see "hello world" using my Firefox by typing any of the following in my address bar: 192.168.2.85, localhost, 0.0.0.0, 192.168.122.1

I thought I would be able to open a browser on my wife's computer when she's connected to the same DCHP NAT router, type 192.168.2.85 in the address bar, and see "hello world".

However, her Chrome33 says "This webpage is not available" or "Oops! ...could not connect to 192.168.2.25." Her IE9 says "...cannot display the webpage." But from her command prompt I can ping 192.168.2.85.

On her computer (Windows 7), I tried turning off Windows Firewall and turning off antivirus.

On my computer, I tried 

iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT

On our microsoft router, I tried Persistent Port Forwarding (inbound port range 80-80, private port range 80-80, type TCP, Private ip 192.168.2.85) and Enable virtual DMZ for 192.168.2.85. (I hope I'm not giving enough info to allow an attack?) I saw no reference to WDS in my router.

what should I do to make my node.js app available to other computers in my home? I'm new to all this.

Here's some more details . . .

netstat -ntlp
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      4566/node   


cat test.js
var http = require("http");

var app = http.createServer(function(request, response) {
  response.writeHead(200, {
    "Content-Type": "text/plain"
  });
  response.end("hello world\n");
});

app.listen(80); //192.168.2.85  
console.log("Server running...");

I've looked at: Cannot browse site hosted on local machine from a mobile

Node.js connect only works on localhost

How do I run Node.js on port 80?

connecting to node.js http server on linux machine from windows machine

Node.JS Not working on the internet

and others.

Upvotes: 0

Views: 1487

Answers (2)

Mashed Spud
Mashed Spud

Reputation: 552

If you have a Linux server without a GUI, you can set up the firewall manually using the firewall-cmd command...

# list current settings prior to changes; this is your baseline
firewall-cmd --zone=internal --list-all

# add the http services (https is optional based on your needs)
firewall-cmd --zone=internal --add-service=http
firewall-cmd --zone=internal --add-service=https

# I am using port 8080 with node.js just to differentiate it (optional)
firewall-cmd --zone=internal --add-port=8080/tcp

# the zone 'public' is the default zone on my machine but it is not
# associated with the eth0 network adapter.  however, the zone 'internal' is,
# therefore, make 'internal' the default zone
firewall-cmd --set-default-zone=internal

# make the changes permanent so that they are present between reboots
firewall-cmd --runtime-to-permanent

# reload all of the firewall rules for good measure
firewall-cmd --complete-reload

# list out the current settings after changes
firewall-cmd --zone=internal --list-all

That's it. Hope this helps someone.

Upvotes: 1

Marcus
Marcus

Reputation: 3797

First, I added a zone line to the ifcfg file for the home network.

# vi /etc/sysconfig/network-scripts/ifcfg-<router-ssid-name>   
    . . . 
    ZONE=internal

Then I rebooted to ensure change took place. Then in terminal I typed

firewall-config

It opens in the public zone, which is default, and allows the administrator to select trusted services. (If I get 10 reputation points I can include my screenshot here.)

If the ZONE is not set in ifcfg as above, then selecting the (public) http checkbox will still work.

But if ZONE=internal in the ifcfg file, then click on internal zone and select http there, for the added security. (Or I could have used ZONE=home or ZONE=work or ZONE=trusted. Same idea.) The change is immediately applied. The other computer's browser could see my "hello world".

Finally, at the top, I changed Runtime to Permanent from the dropdown list and closed the window.

I had thought I was accomplishing the same thing earlier when I tried iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT so I guess I need to look into what the difference is.

Thanks to jfriend00 for pointing me in the right direction. (If I had reputation I would upvote your comment.)

Upvotes: 0

Related Questions