iptables has port 80 open but nmap shows it closed
I'm having some trouble getting a Debian webserver to open up port 80 for HTTP traffic. In my iptables, I opened up port 80 using the following commands:
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p udp --dport 80 -j ACCEPT
Running an iptables -L then showed the following rules:
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     udp  --  anywhere             anywhere             udp dpt:www
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:www

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
However, after all of this, I ran nmap -sS 127.0.0.1 and discovered that port 80 still isn't open. Here are the results:
Nmap scan report for localhost (127.0.0.1)
Host is up (0.0000080s latency).
Not shown: 995 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
25/tcp   open  smtp
111/tcp  open  rpcbind
3306/tcp open  mysql
8080/tcp open  http-proxy
How is it possible for rules to be in place to open a port in iptables but still have that same port closed in Nmap? Does anyone have any ideas?
Solution 1:
From the output of netstat -lnp | grep 80, it seems that your Apache server is listening on port 8080, not the default port 80.
Also, the line:
8080/tcp open http-proxy
from nmap output confirms this fact.
In summary, port 80 is not open on your machine, as Apache is listening on 8080 instead.
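As an added example (not part of the original answer), the Python script below reproduces the open/closed distinction the scan reports: a port is "open" only when a process is listening on it, and "closed" when the host refuses the connection because nothing is bound there, whatever ACCEPT rules the firewall has. The function names probe and demo are assumptions made for this illustration, and the listener it starts is a constructed stand-in for the web server.

```python
import socket


def probe(host, port, timeout=1.0):
    """Classify a TCP port by attempting a full connection to it.

    open     - a process accepted the connection (something is listening)
    closed   - the host actively refused it (packets arrive, no listener)
    filtered - no usable answer (timeout or unreachable, typically a firewall drop)
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "closed"
    except OSError:  # includes socket.timeout
        return "filtered"


def demo():
    """Probe the same loopback port with and without a listener bound to it."""
    # Constructed stand-in for the web server: bind an ephemeral loopback port.
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    port = listener.getsockname()[1]

    with_listener = probe("127.0.0.1", port)

    # Stop the "server". No firewall rule changes, yet the port state does.
    listener.close()
    without_listener = probe("127.0.0.1", port)

    return with_listener, without_listener


if __name__ == "__main__":
    print(demo())
    # The port from the question; the result depends on the local machine.
    print("port 80:", probe("127.0.0.1", 80))
```

A "closed" result for port 80 means the ACCEPT rule is letting packets through and the fix is on the server side: point the web server's listen directive at port 80, or connect to 8080.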