Having trouble connection to MQTT broker
Home › Forums › Conduit: mLinux Model › Having trouble connection to MQTT broker
Tagged: mqtt
- This topic has 8 replies, 3 voices, and was last updated 7 years, 4 months ago by
Dave.
-
AuthorPosts
-
October 24, 2017 at 5:39 pm #21274
Dave
ParticipantSome time ago, I asked how to connect to the Conduit’s MQTT broker from a program running on another host in the network. I got this reply, which solved my problem. However, I’ve come across a situation where this solution isn’t working and I’m hoping someone can help.
I have another conduit and am using a PAHO client to connect from my Linux workstation. I’ve edited the Conduit’s mosquitto.conf file, commented out the “bind_address”, and restarted mosquitto. netstat shows that mosquitto is bound and listening on the correct address:port
#netstat -tlnp
….
tcp 0 0 0.0.0.0:1883 0.0.0.0:* LISTEN 8103/mosquitto
….I can ping and trace route to the conduit from my workstation, but when I try to connect my PAHO client (with the URL “tcp://<ipaddr>:1883” i’m getting:
Unable to connect to server (32103) – java.net.ConnectException: Connection timed out: connect
If can connect using the same code to my old Conduit though.
Does anyone have any ideas what I could try to get this to work?
Thanks,
Dave.October 25, 2017 at 7:29 am #21278Jason Reiss
KeymasterDid you open the port through the firewall?
October 25, 2017 at 9:07 am #21283Dave
ParticipantWhen you say “the firewall”, which firewall? The device is in our internal network and does not pass through any firewall.
October 25, 2017 at 9:18 am #21284Jason Reiss
KeymasterI meant any firewall in-between. This is a regular fix for AEP models that configure a firewall to not allow in-bound traffic. Since you are running mLinux there is not firewall enabled by default.
October 25, 2017 at 9:53 am #21285Dave
ParticipantYou say that there is no firewall enabled by default but can you enable a firewall in mLinux? This device was being used by another group in our organization and I can’t find out who all had their fingers on it. Is there a way I can tell if a firewall was enabled on the device (assuming you can enable one).
Thanks
October 25, 2017 at 10:54 am #21288Dave
ParticipantI made some progress. I looked at the output from iptables-save command on both Conduits and saw some differences between the one I could access and the one I was having trouble accessing. I saved the output from the “good” iptables-save command to a file, copied that file to the “bad” Conduit, did iptables-restore < <good-file> and I was able to access the MQTT server. Only problem is that on reboot, everything stops working and I have to reissue the iptables-restore command.
I’m not familiar with iptables. Can it be disabled? Can I disable it or at least save the new configuration through a reboot?
October 25, 2017 at 12:28 pm #21292Jeff Hatch
KeymasterDave,
One way to “stop” iptables would be to follow the instructions here:
https://www.cyberciti.biz/faq/debian-iptables-stop/
Make sure to save off your rules in case you want to restore them. and then use the shell script to open things wide. Be aware that this could lead to vulnerabilities. You could compare the two output files of the iptables-save on each device and see what the difference is. There must be something different on the system with the problem.
Jeff
October 25, 2017 at 1:25 pm #21293Dave
ParticipantThanks Jeff,
After looking at the difference between the two, I was able to find the missing rule and add it to the filter table to get things working but I still haven’t found out how to persist that rule through a reboot. Once I reboot, the rule is gone. Is there some magic place or command that will make this permanent?
Dave.
October 25, 2017 at 1:37 pm #21294Dave
ParticipantI managed to figure this out.
I was doing all my work from the command line and not using your Web UI 🙁 Once I added the rule and clicked “Save and Restart”. Everything is now working.
Thanks for your help
-
AuthorPosts
- You must be logged in to reply to this topic.