Reputation: 2330
Open up specific ports in google compute Engine. [centos7]
I am trying to open up some ports on my compute VM.
For example, I have this in firewall-rules
$ gcloud compute firewall-rules list
NAME NETWORK SRC_RANGES RULES SRC_TAGS TARGET_TAGS
default-allow-http default 0.0.0.0/0 tcp:80 http-server
default-allow-https default 0.0.0.0/0 tcp:443 https-server
default-allow-icmp default 0.0.0.0/0 icmp
default-allow-internal default 10.128.0.0/9 tcp:0-65535,udp:0-65535,icmp
default-allow-rdp default 0.0.0.0/0 tcp:3389
default-allow-ssh default 0.0.0.0/0 tcp:22
test-24284 default 0.0.0.0/0 tcp:24284 test-tcp-open-24284
I have created a centos 7 instance to which I have attached the tags
$ gcloud compute instances describe test-network-opened
...
...
items:
- http-server
- https-server
- test-tcp-open-24284
...
...
Now when I try to check from my dev box to see whether the port is opened or not using nmap on the public IP showed in the console for the VM
$ nmap -p 24284 35.193.xxx.xxx
Nmap scan report for 169.110.xxx.xx.bc.googleusercontent.com (35.193.xxx.xxx)
Host is up (0.25s latency).
PORT STATE SERVICE
24284/tcp closed unknown
Nmap done: 1 IP address (1 host up) scanned in 1.15 seconds
Now it's hitting the external NAT IP for my VM which would be 169.110.xxx.xx
I tried checking using the iptables rules, but that didn't show anything
[root@test-network-opened ~]# iptables -S | grep 24284
[root@test-network-opened ~]#
So I enabled firewalld and tried opening the port with it
[root@test-network-opened ~]# firewall-cmd --zone=public --add-port=24284/tcp --permanent
success
[root@test-network-opened ~]# firewall-cmd --reload
success
[root@test-network-opened ~]# iptables -S | grep 24284
[root@test-network-opened ~]#
I am not sure where I am doing it wrong with this. I referred these relevant questions on SO about this
- How to open a specific port such as 9090 in Google Compute Engine
- Can't open port 8080 on Google Compute Engine running Debian
- How to open a port on google compute engine
- https://cloud.google.com/compute/docs/vpc/using-firewalls
- https://cloud.google.com/sdk/gcloud/reference/compute/instances/describe
Upvotes: 0
Views: 1444
Answers (1)
Reputation: 2330
The ports were opened by the firewall but since I didn't have an application using the port already, nmap was showing the closed port which meant it was able to reach to the server and not firewalled
If it was it would have showed filtered.
I didn't have any application running on it so, didn't know this as a possibility. Careless of me.
Thanks for pointing this out.
Upvotes: 1
Related Questions
- How to open a specific port such as 9090 in Google Compute Engine
- How to allow a specific port in Google Cloud Platform instance for the specific URL/IP
- How To open ports on Ubuntu in Google cloud platform
- How to open a port on google compute engine
- How to open a port or all ports for Google Cloud Compute Engine
- Expose ports on google cloud vm
- Some google compute engine ports are closed
- GCE allow incoming traffic on specific ports
- Google Cloud Platform Firewall Rules PORT
- Google Compute Engine Firewall Rule To Restrict Traffic O Certain Ports To Specific IP Addresses