Hi Dave
On 04.10.2016, at 03:49, David T. Lewis lewis@mail.msen.com wrote:
Hi Tobias,
I am now running a test image on 'dan' that is listening for http connections on port 8888, and for VNC connections on 5900. I installed telnet on 'dan' so that I can verify that both listening ports are active on the server. But I am unable to make TCP connections to either port from an outside machine.
That is expected. BTW: You can use netstat to see who is listening where:
# netstat -neptl Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name tcp 0 0 10.176.197.150:22 0.0.0.0:* LISTEN 0 20788 7726/sshd tcp 0 0 0.0.0.0:8888 0.0.0.0:* LISTEN 1003 566790 30950/squeakvm tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 0 17561 6275/exim4 tcp 0 0 0.0.0.0:5900 0.0.0.0:* LISTEN 1003 546769 30950/squeakvm tcp6 0 0 ::1:25 :::* LISTEN 0 17562 6275/exim4
Next, ufw will tell you which ports are open:
# ufw status verbose Status: active Logging: on (low) Default: deny (incoming), allow (outgoing) New profiles: skip
To Action From -- ------ ---- 10.176.197.150 22/tcp ALLOW IN 10.0.0.0/8 10.176.197.150 8888/tcp ALLOW IN 10.0.0.0/8
I assume that I am missing some sort of port forwarding configuration, but nothing I have tried so far has worked. Ideally I would like to connect to the web server with http://104.130.170.38:8888 and use SSH local forwards for the VNC connection.
The web server variant via http://104.130.170.38:8888 is not intended. Please lets have as few ports open to the public as possible. But there's help:
Could you please try making connections to those two ports on 'dan' and let me know the specific ssh port forwarding commands that made it work?
so, this works for me:
ssh -L8888:localhost:8888 -L5900:localhost:5900 dan.box.squeak.org
(given the ssh config outlined some days ago, otherwise it is
ssh -L8888:localhost:8888 -L5900:localhost:5900 -o ProxyCommand "ssh -W %h:%p ss@ssh.squeak.org:10225" 10.176.197.150 )
you can then see squeaksource on localhost:8888 and the VNC on Display 0 on localhost.
Best regards -Tobias
Thanks, Dave
On Mon, Oct 03, 2016 at 08:40:30PM +0200, Tobias Pape wrote:
On 03.10.2016, at 01:25, David T. Lewis lewis@mail.msen.com wrote:
On Wed, Sep 28, 2016 at 11:31:36AM +0200, Tobias Pape wrote:
with retroactive blessing of Levente, I have now prepared eight VMs on Rackspace. Here's the overview:
======================================================================================================================= Name Name (ext) intended use Unix Users Public Ports Private Ports Public IPv4 Private IPv4
ian ssh.squeak.org ssh-gateway ssh 1022 22 104.130.6.82 10.208.225.29 alan *.squeak.org webserver webteam 80, 443 22 104.239.229.92 10.176.200.8 adele lists.... mailinglists (tbd) 25, 587, 465 22, 8080 162.242.237.43 10.208.160.56 andreas -------- source.squeak chrismuller* -------- 22, 8080 irrelevant 10.208.161.222 dan -------- squeaksource davidlewis* -------- 22, 8080 irrelevant 10.176.197.150 ted -------- squeak wiki+map (tbd) -------- 22, 8080, 8081 irrelevant 10.176.130.111 david -------- jenkins (tbd) -------- 22, 8080 irrelevant 10.208.194.45 scott -------- misc (tbd) -------- 22, 8080, 8081 irrelevant 10.176.199.169 =======================================================================================================================
I installed a new interpreter VM on dan, with the deb in /root/localdebs and notes added to /root/admin-log.txt:
======================== 20161002 davidlewis
Install 64-bit interpreter VM for squeaksource.com. This is an up to date VM compiled on my personal Ubuntu laptop according to instructions at http://wiki.squeak.org/squeak/6354, with "make deb" to create the local debian package installed here.
The debian install package is /root/localdebs/squeakvm_4.15.8-3749-1_amd64.deb
The run script is /usr/local/bin/squeak, as distinct from Cog/Spur VMs that are expected to be installed as /usr/bin/squeak.
========================
This is the same as used on box3, except that it is a 64-bit VM to suit the new Rackspace server.
The squeaksource.com image serves on local port 8888 (not 8080). I would prefer to keep that convention so that the image can be copied directly from box3 without modification.
8888 is there now. 8080 gone.
Is it possible to open some local ports on server dan during the transition period? It would be helpful if I could connect to 8888, 5900, and 5901 for the next couple of weeks or so.
Please use SSH local forwards for that.
like this: ssh -L5901:localhost:5901 dan.box.squeak.org
and then connect you VNC-viewer to Display 1 on localhost.
Thanks, Dave