can't make bitcoin-qt to listen at 18332 for outside IPs

[CryptoPanda]

It should be listening at 
"tcp       0      0 0.0.0.0:18332" but it's only listening at

Code:

 sudo netstat -tulpn | grep 833
tcp        0      0 0.0.0.0:18333           0.0.0.0:*               LISTEN      1641/bitcoin-qt 
tcp6       0      0 :::18332                :::*                    LISTEN      1641/bitcoin-qt 
tcp6       0      0 :::18333                :::*                    LISTEN      

This is the conf file

Code:

rpcuser=REMOVED

rpcpassword=REMOVED

rpcallowip=192.168.0.3 #this is the miner IP which is in the LAN and is accessible from my PC just fine
#gen=1     #tested with both that commented out and not, not sure if it's needed
server=1
testnet=1

If I comment rpcallowip, it would listen only to localhost connections

Code:

 sudo netstat -tulpn | grep 833
tcp        0      0 127.0.0.1:18332         0.0.0.0:*               LISTEN      1709/bitcoin-qt 
tcp        0      0 0.0.0.0:18333           0.0.0.0:*               LISTEN      1709/bitcoin-qt 
tcp6       0      0 ::1:18332               :::*                    LISTEN      1709/bitcoin-qt 
tcp6       0      0 :::18333                :::*                    LISTEN  

as soon as I set rpcallowip to allow the LAN IP, it stops listening at all at this port (only at Ipv6)

really weird, right?

[1715604882]

1715604882

[1715604882]

1715604882

[1715604882]

1715604882

[CryptoPanda]

tough one, isn't it?

[CryptoPanda]

original post edited for clarity on the issue

[CryptoPanda]

No one had this problem I suppose?

[chill1]

Code:

sudo netstat -tulpn | grep 833

Correct me if I am wrong, but wouldn't the above command filter out any result that did *not* include 833? What results do you get when you try the following?

Code:

sudo netstat -lpn | grep bitcoind

[CryptoPanda]

i'm getting all that listen to port having *833* in it

in the meantime i found that for bitcoind to allow connections outside of localhost, rpcssl=1 should be enabled and the proper certs generated and so on, but even after doing that, i still can't make it listen to the outside.

[chill1]

.. i still can't make it listen to the outside.

You can't access the RPC port you mean? Or bitcoind is failing to establish any connections and is failing to download any blocks as a result? Is there anything interesting in the debug.log file? This file should be located in the testnet3 directory.

[CryptoPanda]

I can't make it listen for outside connection at the RPC port, and can't connect to it from the outside.
everything else is fine

nothing really interesting in debug.log

[chill1]

I would suggest not using the rpcallowip at all. Here's how I currently have a bitcoind setup with remote RPC access:

* Add firewall settings to the bitcoind server that allow 127.0.0.1 to access the RPC port (18332 for testnet, 8332 for mainnet).
* Create a new linux user on the bitcoind server for the sole purpose of providing port forwarding via SSH for the RPC port.
* Setup SSH tunnel access from the machine(s) that require remote RPC access to the bitcoind server. The SSH tunnel should use the new linux user for the SSH session. I like to use public/private RSA keys to setup passwordless SSH between machines. Lastly, for security, when you are adding a public key to the list of authorized keys for the new linux user, you'll want to prevent command execution and restrict port forwarding to only the required RPC port.

Here's a snippet that let's you lock down an SSH session in the manner I just described:

Code:

no-pty,no-X11-forwarding,permitopen="localhost:18332",command="/bin/echo do-not-send-commands" THE_PUBLIC_KEY_GOES_HERE

This setup allows remote RPC access via an SSH tunnel without having to expose bitcoind ports to the net (only to the local machine).

If you have never setup passwordless SSH before, I wrote an article a while back that I posted on my site:
https://degreesofzero.com/article/passwordless-ssh-on-linux.html


-------- EDIT --------

You know it just occurs to me. You're referencing port 18333 everywhere. That's not the testnet RPC port. Port 18332 is the testnet RPC port that you should be attempting to connect to when using RPC.

[CryptoPanda]

that's really smart trick, but in this particular case the machine that needs to connect is bitcoin miner so no option to set ssh access from there.

[chill1]

Try leaving out the rpcallowip directive anyways. What have you done to be sure that the miner is not able to connect via RPC?

[chill1]

when I comment out rpcallowip it listens at 127.0.0.1:18332,  as soon as i set this line active, it stops listening to both localhost and outside
well i've set the url, port, user and password for the miner to connect to but it can't

That's not much to go on. What kind of debugging tools are available for you with the miner? Does it have a screen? Can you access it via SSH from your computer? What operating system is it running?

--- EDIT ---

Also, just a shot in the dark.. Is there a testnet option that you might have to set in the miner's configuration? It might be necessary to explicitly set such a flag, beyond setting the RPC port to 18332.

[CryptoPanda]

Well, i haven't really tried to troubleshoot the miner, since netstat clearly shows that the bitcoin machine doesn't even listen at this port for a connection. So I'm focusing on trying to make bitcoin work properly.
When it works if you just put the IP:port in the browser it asks for json password anyway, that's an easy way to test if it works from the outside. Well it doesn't

[chill1]

I don't have any more ideas. Sorry I couldn't help you fix your problem

Best of luck!

[btchris]

Well, i haven't really tried to troubleshoot the miner, since netstat clearly shows that the bitcoin machine doesn't even listen at this port for a connection.

It should be listening at  
"tcp       0      0 0.0.0.0:18332" but it's only listening at

Code:

 sudo netstat -tulpn | grep 833
tcp        0      0 0.0.0.0:18333           0.0.0.0:*               LISTEN      1641/bitcoin-qt 
tcp6       0      0 :::18332                :::*                    LISTEN      1641/bitcoin-qt 
tcp6       0      0 :::18333                :::*                    LISTEN      

If I comment rpcallowip, it would listen only to localhost connections

Code:

 sudo netstat -tulpn | grep 833
tcp        0      0 127.0.0.1:18332         0.0.0.0:*               LISTEN      1709/bitcoin-qt 
tcp        0      0 0.0.0.0:18333           0.0.0.0:*               LISTEN      1709/bitcoin-qt 
tcp6       0      0 ::1:18332               :::*                    LISTEN      1709/bitcoin-qt 
tcp6       0      0 :::18333                :::*                    LISTEN  

as soon as I set rpcallowip to allow the LAN IP, it stops listening at all at this port (only at Ipv6)

really weird, right?

This is normal behavior even though it is a bit confusing.

Without rpcallowip, Bitcoin creates two separate listening sockets for RPC, one for each localhost address.

When you create a listening socket with IPv6 that's not bound to a specific IP, you have the option to allow the socket to listen on IPv4 at the same time. With an rcpallowip option, Bitcoin does just that: it creates a single socket, not bound to a specific address, that is listening to both IPv4 and IPv6. Such a socket will only be listed once by netstat, which definitely is confusing, but it's just the way things are.

In other words, you should be troubleshooting under the assumption that Bitcoin is listening to both IPv4 and IPv6. (Bitcoin Core 0.9.3 will have a way to specify which IPs to bind to, which if used will disable this behavior.)

I don't know where the problem does lie, but it's not where you're looking right now....