iptables has port 80 open but nmap shows it closed

I'm having some troubles getting a Debian webserver to open up port 80 for HTTP traffic. In my iptables, I opened up port 80 using the following commands:

iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p udp --dport 80 -j ACCEPT

Running an iptables -L then showed the following rules:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     udp  --  anywhere             anywhere             udp dpt:www
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:www

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

However, after all of this, I ran nmap -sS 127.0.0.1 and discovered that port 80 still isn't open. Here are the results:

Nmap scan report for localhost (127.0.0.1)
Host is up (0.0000080s latency).
Not shown: 995 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
25/tcp   open  smtp
111/tcp  open  rpcbind
3306/tcp open  mysql
8080/tcp open  http-proxy

How is it possible for rules to be in place to open a port in iptables but still have that same port closed in Nmap? Does anyone have any ideas?


Solution 1:

From the output of netstat -lnp | grep 80, it seems that your apache server is listening on the port 8080 not the default one 80.

Also, the line:

8080/tcp open  http-proxy

from nmap output confirms this fact.

In summary, the port 80 is not open in your machine as apache is listening on 8080 instead.