How can I see if a machine tried to connect to my (linux) server or not?

Question

I am trying to connect to a linux server which has several listening ports, and my connections are failing (According to my client) because the "host is down" ... however, I know the host is up.

So is there a script or log file I can change/inspect to see the rejected connection on the server side ... better yet, see WHY the connection is failing ?

In general, I find that connection failures can have misleading or ambiguous error messages... So I think this will solve my connection debugging activities once and for all, so that I will be able to directly test if the end point is rejecting a connection on the actual server side, rather than guessing based on client error messages.

BTW this is related to hadoop.

Answer 1

This sounds like a firewall issue. If you're on Ubuntu, run sudo ufw disable and try connecting again. If you can connect, then enable ufw again: sudo ufw enable and add a rule to allow incoming connections on the port you want.

source: https://help.ubuntu.com/community/UFW

Answer 2

Try iptables, for example:

iptables -I INPUT -m state --state NEW -j LOG --log-prefix "New Connection: "
iptables -I OUTPUT -m state --state NEW -j LOG --log-prefix "New Connection: "

And then look into server logs - call 'dmesg' from shell.

Answer 3

Use tcpdump.

This site has a lot of examples, one of which will suite your needs -> http://linux.byexamples.com/archives/283/simple-usage-of-tcpdump/

I would start with:

tcpdump -i eth0 tcp port XXXX