We are using iptables on our Linux server. And the table looks like this:

$ sudo iptables -L -n

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:8474
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:8007
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:1883
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:443
# ...

But the port 1883 seems to be closed (from my machine):

$ nmap -p 1883 mqtt.host.com
Starting Nmap 7.80 ( https://nmap.org ) at 2024-09-04 09:54 CEST
Nmap scan report for mqtt.host.com (...)
Host is up (0.014s latency).
rDNS record for ...: host.com

PORT     STATE  SERVICE
1883/tcp closed mqtt

Nmap done: 1 IP address (1 host up) scanned in 0.09 seconds

I have opened port 1883 for mqtt by using sudo iptables -I INPUT 3 -p tcp --dport 1883 -j ACCEPT.

What am I doing wrong or what else do I need to do?

  • Is the MQTT service running on the server? If so, which address(es) is it listening on? Commented Sep 4, 2024 at 8:25
  • @StephenKitt oh yes, the mosquitto broker was listening on 1883, but just for localhost. I have fixed this, thanks! Commented Sep 4, 2024 at 8:31
  • You can watch "actively listening port" (cough) as root using ss -tlpn Commented Sep 4, 2024 at 12:19

1 Answer

The problem was not related to iptables, but to my configuration of the MQTT broker.

It was listening on 1883, but only for localhost. I have fixed this by removing this restriction and now the port is seen as open.
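Added example, not part of the original answer: a shell function that reads `ss -tln` output and reports whether a port is bound only to loopback, the condition that made 1883 show as closed here even though iptables accepted it. The function name `classify_listener` and both sample `ss` listings are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify how a TCP port is bound, from `ss -tln` output on stdin.
# Prints one of: not-listening | loopback-only | non-loopback

classify_listener() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            addr = $4                        # "Local Address:Port" column
            n = match(addr, /:[0-9]+$/)      # last colon, so [::1]:1883 works
            if (n == 0 || substr(addr, n + 1) != port) next
            host = substr(addr, 1, n - 1)
            seen = 1
            # Anything other than 127.0.0.0/8 or [::1] accepts remote clients.
            if (host !~ /^127\./ && host != "[::1]") external = 1
        }
        END {
            if (!seen)         print "not-listening"
            else if (external) print "non-loopback"
            else               print "loopback-only"
        }'
}

# Constructed sample: broker bound to localhost only (the state in the question).
sample_before() {
    cat <<'EOF'
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port  Process
LISTEN  0       128     0.0.0.0:443         0.0.0.0:*
LISTEN  0       100     127.0.0.1:1883      0.0.0.0:*
LISTEN  0       100     [::1]:1883          [::]:*
EOF
}

# Constructed sample: broker bound to all addresses (the state after the fix).
sample_after() {
    cat <<'EOF'
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port  Process
LISTEN  0       128     0.0.0.0:443         0.0.0.0:*
LISTEN  0       100     0.0.0.0:1883        0.0.0.0:*
EOF
}

echo "before: $(sample_before | classify_listener 1883)"
echo "after:  $(sample_after  | classify_listener 1883)"
```

On a live host, pipe real output into it with `ss -tln | classify_listener 1883`; a `loopback-only` result means no firewall rule will make the port reachable from another machine.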
