nc connection refused even on loopback

1

I'm working on an embedded Linux system, which appears to be networked correctly and is running ssh (dropbear) and rpcbind. I'm setting up a server application on it, and every single thing I try results in my connections being refused. Even the simplest thing like running `nc -l 5566` on the device and running `nc 192.168.1.129 5566` on my laptop results in a connection refused. Even sitting on the same device and running `nc 127.0.0.1 5566` fails. I've tried multiple ports both above and below 1023.

So, at the moment my guess is either iptables is getting in the way, or there's a limitation about running netcat as root that I don't know. (The device is single user, so root is the only login.) My iptables looks like this:

```
root@at91:~# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
```

It didn't print, but the INPUT chain is supposed to accept for anything on lo, eth0, and eth1.

I'm stumped. Any ideas? The device does not have SELinux.

Maxwell Bottiger

Posted 2013-10-07T20:31:05.360

Reputation: 33

Stop iptables and try it again to be sure. `service iptables stop`, and then run the nc command. – Gregg Leventhal – 2013-10-07T20:33:50.767

What runlevel are you using? Are you sure you have networking at all? – Gregg Leventhal – 2013-10-07T20:36:05.853

Yes, I'm sure networking is on. I'm connected through the console as well as multiple ssh windows. Also I can ping the device. – Maxwell Bottiger – 2013-10-07T20:40:34.363

The box doesn't have `service`, or a link to iptables in the `/etc/init.d` directory. Also, all the modules are built into a monolithic kernel, so I can't unload netfilter by hand. – Maxwell Bottiger – 2013-10-07T20:41:31.713

Can you run `nmap -sP <IP address>` from another box to verify that the ports are all filtered/closed on this device? The nc command you have listed should work as root. It does on my 2.6 kernel Red Hat box. – Gregg Leventhal – 2013-10-07T20:46:44.370

nmap -sP says: Host is up (0.00033s latency). Nmap done: 1 IP address (1 host up) scanned in 0.30 seconds – Maxwell Bottiger – 2013-10-07T20:51:17.753

Plain old nmap says:

```
Host is up (0.0064s latency).
Not shown: 998 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh
111/tcp open  rpcbind

Nmap done: 1 IP address (1 host up) scanned in 0.10 seconds
```

– Maxwell Bottiger – 2013-10-07T20:52:14.417

Also, I just recompiled the kernel without netfilter support and it still doesn't work. This must be a peculiarity of the particular angstrom distribution. – Maxwell Bottiger – 2013-10-07T20:53:06.687

So, this is still a bit of a mystery. I can't figure out why netcat is behaving so poorly, but my server wasn't working because the port wasn't being closed on exit. – Maxwell Bottiger – 2013-10-08T18:12:58.080

No answers
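
A connect that is refused even on loopback, with an ACCEPT policy and only ports 22 and 111 reported open, points at the absence of a listening socket rather than at filtering, so the kernel's socket table is the next thing to check. The script below is an added example, not part of the original thread: `listening_addrs`, `diagnose_port` and `sample_table` are hypothetical helper names, the sample rows are constructed, and it assumes an IPv4 `/proc/net/tcp` on a little-endian CPU.

```shell
#!/bin/sh
# Added example: look for a LISTEN socket in the kernel's IPv4 socket table.
# Assumes /proc/net/tcp on a little-endian CPU; IPv6 listeners are listed in
# /proc/net/tcp6 and are not covered here.

# listening_addrs PORT [TABLE]: print the hex local address of every socket
# in LISTEN state (st == 0A) bound to PORT.
listening_addrs() {
    port_hex=$(printf '%04X' "$1")
    awk -v p="$port_hex" 'NR > 1 && $4 == "0A" {
        n = split($2, a, ":")
        if (toupper(a[n]) == p) print a[1]
    }' "${2:-/proc/net/tcp}"
}

# diagnose_port PORT [TABLE]: classify what a client connecting to PORT will meet.
diagnose_port() {
    addrs=$(listening_addrs "$@")
    case "$addrs" in
        "")         echo "no-listener" ;;      # kernel answers the SYN with RST
        *00000000*) echo "all-interfaces" ;;   # bound to 0.0.0.0
        *0100007F*) echo "loopback-only" ;;    # bound to 127.0.0.1 only
        *)          echo "specific-address" ;; # bound to one interface address
    esac
}

# sample_table: constructed /proc/net/tcp content with listeners on 22, 111
# and a loopback-only 8080, plus one established ssh session (st == 01).
sample_table() {
    cat <<'EOF'
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001
   1: 00000000:006F 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1002
   2: 0100007F:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1003
   3: 8101A8C0:0016 0A01A8C0:C350 01 00000000:00000000 00:00000000 00000000     0        0 1004
EOF
}

# Stand-alone use on the device: sh script.sh 5566
if [ "$#" -gt 0 ]; then diagnose_port "$@"; fi
```

A `no-listener` result for the port while the `nc -l` process is still running means nc did not bind the port that was requested, which is a different problem from packet filtering.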