Antsle Forum
Welcome to our Antsle community! This forum is to connect all Antsle users to post experiences, make user-generated content available for the entire community and more.
Please note: This forum is about discussing one specific issue at a time. No generalizations. No judgments. Please check the Forum Rules before posting. If you have specific questions about your Antsle and expect a response from our team directly, please continue to use the appropriate channels (email: [email protected]) so every inquiry is tracked.
Struggling with Anlet access
Quote from seachellemz on November 5, 2022, 11:19 amI have had a a couple of anlets running on my Antlse for some time now. I had to refresh my SSL certificates (which I get from Namecheap). Since that time, I can no longer access any of my antlets from the browser. Here is my scenario and result (the name of my antsle is mzantsle-local):
access website from curl on the antlet: success
access website from curl on the root antsle: success
access website from a browser using http://mzantsle.22-local/: fails
access website from a browser using https://mzantsle.22-local/: fails
access website from my browsers using https://<domainname>: fails
ping my domain: success
ping mzantsle-local from my home network: success
ssh into root@mzantsle-local (to get to my antsle) and using -p 20022 (to get to my antlset): successThis is the error I am seeing in the nginx log on my antsle:
2022/11/05 13:10:11 [error] 6808#0: *2599 connect() failed (111: Connection refused) while connecting to upstream, client: 95.217.149.71, server: mimiskitchen.net, request: "GET /wp-login.php HTTP/1.1", upstream: "http://10.1.1.22:80/wp-login.php", host: "mimiskitchen.net", referrer: ""
My wordpress site is set up for https so the http://10.1.1.22:80/wp-login.php url in the log doesn't seem right, but I haven't changed the wordpress configuration nor did I change the nginx config when I replaced the certificates. I have tried curling that URL using both http and https on the root antlse and I get a Connection refused for both http and https.
I'm really at a loss and would appreciate any tips that you might have.
Just for additional information....this is what my qemu config looks like for this antlet:
# Update the following variables to fit your setup
# Use an equal number of host and guest ports
antlet_name=wordpress01
antlet_ipaddr=10.1.1.22
host_ipaddr=192.168.1.30
host_ports=( '3306' '8083' 443 )
antlet_ports=( '3306' '80' 443 )# Perform actions
if [ "${1}" = "${antlet_name}" ]; then
echo `date` hook/${antlet_type} "antlet ${1}" "${2}" >>/var/log/libvirt/hook.log
fi
length=$(( ${#host_ports[@]} - 1 ))
if [ "${1}" = "${antlet_name}" ]; then
if [ "${2}" = "stopped" ] || [ "${2}" = "reconnect" ]; then
for i in `seq 0 $length`; do
echo "`date` hook/${antlet_type} antlet $antlet_name Closing port ${host_ports[$i]} -> ${antlet_ports[$i]} " >>/var/log/libvirt/hook.log
iptables -t nat -D PREROUTING -d ${host_ipaddr} -p udp --dport ${host_ports[$i]} -j DNAT --to ${antlet_ipaddr}:${antlet_ports[$i]}
iptables -D FORWARD -d ${antlet_ipaddr}/32 -p udp -m state --state NEW,ESTABLISHED,RELATED --dport ${antlet_ports[$i]} -j ACCEPT
iptables -t nat -D PREROUTING -d ${host_ipaddr} -p tcp --dport ${host_ports[$i]} -j DNAT --to ${antlet_ipaddr}:${antlet_ports[$i]}
iptables -D FORWARD -d ${antlet_ipaddr}/32 -p tcp -m state --state NEW,ESTABLISHED,RELATED --dport ${antlet_ports[$i]} -j ACCEPT
done
fi
if [ "${2}" = "start" ] || [ "${2}" = "reconnect" ]; then
for i in `seq 0 $length`; do
echo "`date` hook/${antlet_type} antlet $antlet_name Mapping port ${host_ports[$i]} -> ${antlet_ports[$i]} " >>/var/log/libvirt/hook.log
iptables -t nat -A PREROUTING -d ${host_ipaddr} -p tcp --dport ${host_ports[$i]} -j DNAT --to ${antlet_ipaddr}:${antlet_ports[$i]}
iptables -I FORWARD -d ${antlet_ipaddr}/32 -p tcp -m state --state NEW,ESTABLISHED,RELATED --dport ${antlet_ports[$i]} -j ACCEPT
iptables -t nat -A PREROUTING -d ${host_ipaddr} -p udp --dport ${host_ports[$i]} -j DNAT --to ${antlet_ipaddr}:${antlet_ports[$i]}
iptables -I FORWARD -d ${antlet_ipaddr}/32 -p udp -m state --state NEW,ESTABLISHED,RELATED --dport ${antlet_ports[$i]} -j ACCEPT
done
fi
fi
I have had a a couple of anlets running on my Antlse for some time now. I had to refresh my SSL certificates (which I get from Namecheap). Since that time, I can no longer access any of my antlets from the browser. Here is my scenario and result (the name of my antsle is mzantsle-local):
access website from curl on the antlet: success
access website from curl on the root antsle: success
access website from a browser using http://mzantsle.22-local/: fails
access website from a browser using https://mzantsle.22-local/: fails
access website from my browsers using https://<domainname>: fails
ping my domain: success
ping mzantsle-local from my home network: success
ssh into root@mzantsle-local (to get to my antsle) and using -p 20022 (to get to my antlset): success
This is the error I am seeing in the nginx log on my antsle:
2022/11/05 13:10:11 [error] 6808#0: *2599 connect() failed (111: Connection refused) while connecting to upstream, client: 95.217.149.71, server: mimiskitchen.net, request: "GET /wp-login.php HTTP/1.1", upstream: "http://10.1.1.22:80/wp-login.php", host: "mimiskitchen.net", referrer: ""
My wordpress site is set up for https so the http://10.1.1.22:80/wp-login.php url in the log doesn't seem right, but I haven't changed the wordpress configuration nor did I change the nginx config when I replaced the certificates. I have tried curling that URL using both http and https on the root antlse and I get a Connection refused for both http and https.
I'm really at a loss and would appreciate any tips that you might have.
Just for additional information....this is what my qemu config looks like for this antlet:
# Update the following variables to fit your setup
# Use an equal number of host and guest ports
antlet_name=wordpress01
antlet_ipaddr=10.1.1.22
host_ipaddr=192.168.1.30
host_ports=( '3306' '8083' 443 )
antlet_ports=( '3306' '80' 443 )# Perform actions
if [ "${1}" = "${antlet_name}" ]; then
echo `date` hook/${antlet_type} "antlet ${1}" "${2}" >>/var/log/libvirt/hook.log
fi
length=$(( ${#host_ports[@]} - 1 ))
if [ "${1}" = "${antlet_name}" ]; then
if [ "${2}" = "stopped" ] || [ "${2}" = "reconnect" ]; then
for i in `seq 0 $length`; do
echo "`date` hook/${antlet_type} antlet $antlet_name Closing port ${host_ports[$i]} -> ${antlet_ports[$i]} " >>/var/log/libvirt/hook.log
iptables -t nat -D PREROUTING -d ${host_ipaddr} -p udp --dport ${host_ports[$i]} -j DNAT --to ${antlet_ipaddr}:${antlet_ports[$i]}
iptables -D FORWARD -d ${antlet_ipaddr}/32 -p udp -m state --state NEW,ESTABLISHED,RELATED --dport ${antlet_ports[$i]} -j ACCEPT
iptables -t nat -D PREROUTING -d ${host_ipaddr} -p tcp --dport ${host_ports[$i]} -j DNAT --to ${antlet_ipaddr}:${antlet_ports[$i]}
iptables -D FORWARD -d ${antlet_ipaddr}/32 -p tcp -m state --state NEW,ESTABLISHED,RELATED --dport ${antlet_ports[$i]} -j ACCEPT
done
fi
if [ "${2}" = "start" ] || [ "${2}" = "reconnect" ]; then
for i in `seq 0 $length`; do
echo "`date` hook/${antlet_type} antlet $antlet_name Mapping port ${host_ports[$i]} -> ${antlet_ports[$i]} " >>/var/log/libvirt/hook.log
iptables -t nat -A PREROUTING -d ${host_ipaddr} -p tcp --dport ${host_ports[$i]} -j DNAT --to ${antlet_ipaddr}:${antlet_ports[$i]}
iptables -I FORWARD -d ${antlet_ipaddr}/32 -p tcp -m state --state NEW,ESTABLISHED,RELATED --dport ${antlet_ports[$i]} -j ACCEPT
iptables -t nat -A PREROUTING -d ${host_ipaddr} -p udp --dport ${host_ports[$i]} -j DNAT --to ${antlet_ipaddr}:${antlet_ports[$i]}
iptables -I FORWARD -d ${antlet_ipaddr}/32 -p udp -m state --state NEW,ESTABLISHED,RELATED --dport ${antlet_ports[$i]} -j ACCEPT
done
fi
fi
Quote from daniel.luck on November 7, 2022, 5:40 pmHi @mzaremskas
Thanks for reaching out in our antsle forums.
Since you have an existing ticket, I will work on you this ticket.Thank you,
antsle Support
Hi @mzaremskas
Thanks for reaching out in our antsle forums.
Since you have an existing ticket, I will work on you this ticket.
Thank you,
antsle Support