I am looking for foreman’s core service which I need to monitor and after googling found that it is 443 | 80 | 8140 but when I run the netstat –tunlp I can see below output-
Where all ports are listening on IPv6 (tcp6 ) but I can open the foreman page over IPv4. Then how foreman is working which port I should monitor over IPv4 along with Service name.
Except the service name—foreman | foreman-proxy | httpd
Can someone please help to get me the correct details. If I am missing something.
For status check the foreman-maintain command with subcommands health and service.
# foreman-maintain health list
# foreman-maintain health check
# foreman-maintain service
# foreman-maintain service status
Unless the application specifically handles IPv4 and IPv6 separately or specifically uses an IPv4 address for listen, an application listening on IPv6 to :: (unspecified address) by default is listening for IPv4 and IPv6 connections on any available IPv4 and IPv6 of the bound interface.
Thus httpd listening on :::80 and :::443 means it accepts any ipv4 and ipv6 connection. This should be th default for applications using the dual IP stack of the operating system.
sshd uses a specific IPv4 listen on 0.0.0.0:22 and is also listening on a separate socket to IPv6 :::22 (thus there probably accepting IPv4 as well). Why they do that separately and don’t let the OS handle that I can’t tell. Maybe historically, they have “added” IPv6 support and for that they used separate code which still persists until now and hasn’t been merged into handling that together like Apache httpd.
Either way: a listen on IPv6 :: means it’s listening on IPv4 and IPv6 addresses at the same time.
However, bear in mind that IPv4 and IPv6 still uses separate iptables/ip6tables. If you use iptables directly you would have to open ports for ipv4 and ipv6 to get incoming connections through. firewalld would usually handle both transparently.