All ports closed on Host

John Patterson

New Member
Aug 13, 2017
23
0
1
50
Our host was working perfectly, we made no changes to it and now for some reason it is reporting all ports closed when we run nmap. Cannot access the GUI or SSH in.

Any thoughts?
 
I'm on the host so I can copy and paste

6 tcp and 3 tcp6 lines, all with 0 for Rev-Q, all 0 for Sen-Q, all foreign addresses listed as 0.0.0.0, 4 local listed as 0.0.0.0 two as localhost.localdomain. state is listen for all.

proxmox-ve 5.0-19
 
proxmox-ve: 5.0-19 running kernla 4:10.17-2-pve
pve-manager 5.0-30 running version 5.0-30/5ab26bc
pve-kernal-4.10.17-2-pve: 4.10.17-19
pve-kernal-4.10.15-1-pve: 4.10.15-15
libpve-http-server-perl: 2.0-5
lvm2: 2.02.168-pve3
corosync: 2.4.2-pve3
libqb0: 1.0.1-1
pve-cluster: 5.0-12
qemu-server: 5.0-15
pve-firmware:2.0-2
libpve-common-perl: 5.0-16
libpve-guest-common-perl: 2.0-11
libpve-access-control: 5.0-6
libpve-storage-perl: 5.0-14
pve-libspice-server1: 0.12.8-3
vncterm: 1.5-2
pve-docs: 5.0-9
pve-qemu-kvm: 2.9.0-3
pve-container: 2.0-15
pve-firewall: 3.0-2
pve-ha-manager: 2.0-2
ksm-control-daemon: 1.2-2
glusterfs-client: 3.8.8-1
lxc-pve: 2.0.8-3
lxcfs: 2.0.7-pve4
crlu: 2.11.1-1Z~bpo90
novnc-pve: 0.6-4
smartmontools: 6.5+svn4324-1
zfsutils-linux: 0.6.5.9-pve16~bpo90
 
By hand? OK, this will take a while.

Not sure what you mean "by hand" - you just wrote that copy&paste works. So Please can you also post the full output
from

# netstat -lt

I am unable to help with such incomplete data.

I assume you do not run any firewall?
 
That was a typo. I CANNOT copy and paste. Anyway, you have the data now.

What firewall are you referring to? On the Proxmox? I'm not running a firewall on the proxmox as yet, there is a pfsense in front of this node.

netstat data to follow.
 
tcp 0 0 0.0.0.0:sunrpc 0.0.0.0:* listen
tcp 0 0 localhost.localdomain:85 0.0.0.0:* listen
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* listen
tcp 0 0 0.0.0.0:3128 0.0.0.0:* listen
tcp 0 0 localhost.localdomain:smtp 0.0.0.0:* listen
tcp 0 0 0.0.0.0:8006 0.0.0.0:* listen
tcp6 0 0 [::]:sunrpc [::]:* listen
tcp6 0 0 [::]:ssh [::]:* listen
tcp6 0 0 ip6-localhost:smtp [::]:* listen
 
That looks OK to me. Maybe the pfsense is blocking the traffic? I assume
pveproxy and ssh service runs without problems - check with:

# systemctl status pveproxy
# systemctl status ssh
 
Yes, they are both responding as running. If it is the pfsense then it's only blocking the host, guests are fine.
 
OK, I can access the gui now. It must have been an outdated rule imported on to the firewall, I cleaned up the rule feeds and it is working against.

Sorry for wasting your time yet again.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!