VPS Hosting and ports : Episode 3

Atul
Technology , Web , Free software , The big o community , Vps
May 23, 2025

Table of Contents

VPS Hosting and ports : Episode 3

Drawing

Ports

root@atulya:~/frappe_docker# sudo netstat -tulnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 127.0.0.1:5280          0.0.0.0:*               LISTEN      692956/lua          
tcp        0      0 0.0.0.0:5000            0.0.0.0:*               LISTEN      692956/lua          
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      692928/mariadbd     
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN      692846/postgres     
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      760740/nginx: maste 
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      760740/nginx: maste 
tcp        0      0 193.203.163.151:3478    0.0.0.0:*               LISTEN      692805/turnserver   
tcp        0      0 193.203.163.151:3478    0.0.0.0:*               LISTEN      692805/turnserver   
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      692826/sshd: /usr/s 
tcp        0      0 127.0.0.54:53           0.0.0.0:*               LISTEN      692825/systemd-reso 
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN      694319/docker-proxy 
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      693229/exim4        
tcp        0      0 127.0.0.1:35333         0.0.0.0:*               LISTEN      691529/containerd   
tcp        0      0 0.0.0.0:5355            0.0.0.0:*               LISTEN      692825/systemd-reso 
tcp        0      0 0.0.0.0:5269            0.0.0.0:*               LISTEN      692956/lua          
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      692825/systemd-reso 
tcp        0      0 0.0.0.0:5281            0.0.0.0:*               LISTEN      692956/lua          
tcp        0      0 0.0.0.0:5222            0.0.0.0:*               LISTEN      692956/lua          
tcp6       0      0 :::5000                 :::*                    LISTEN      692956/lua          
tcp6       0      0 ::1:25                  :::*                    LISTEN      693229/exim4        
tcp6       0      0 :::22                   :::*                    LISTEN      692826/sshd: /usr/s 
tcp6       0      0 :::8080                 :::*                    LISTEN      694325/docker-proxy 
tcp6       0      0 ::1:5280                :::*                    LISTEN      692956/lua          
tcp6       0      0 :::5355                 :::*                    LISTEN      692825/systemd-reso 
tcp6       0      0 :::5269                 :::*                    LISTEN      692956/lua          
tcp6       0      0 :::5281                 :::*                    LISTEN      692956/lua          
tcp6       0      0 ::1:5432                :::*                    LISTEN      692846/postgres     
tcp6       0      0 2a02:4780:12:1c7b::3478 :::*                    LISTEN      692805/turnserver   
tcp6       0      0 2a02:4780:12:1c7b::3478 :::*                    LISTEN      692805/turnserver   
tcp6       0      0 :::5222                 :::*                    LISTEN      692956/lua          
udp        0      0 0.0.0.0:5355            0.0.0.0:*                           692825/systemd-reso 
udp        0      0 193.203.163.151:3478    0.0.0.0:*                           692805/turnserver   
udp        0      0 193.203.163.151:3478    0.0.0.0:*                           692805/turnserver   
udp        0      0 127.0.0.54:53           0.0.0.0:*                           692825/systemd-reso 
udp        0      0 127.0.0.53:53           0.0.0.0:*                           692825/systemd-reso 
udp6       0      0 :::5355                 :::*                                692825/systemd-reso 
udp6       0      0 2a02:4780:12:1c7b::3478 :::*                                692805/turnserver   
udp6       0      0 2a02:4780:12:1c7b::3478 :::*                                692805/turnserver   
root@atulya:~/frappe_docker#

The Digital Kingdom: Ports & Protocols Adventure

A Journey Through the Network Realm

Welcome, brave traveler! You stand at the gates of the Digital Kingdom, where mysterious ports and powerful services guard the flow of data. Your mission is to explore this land, uncover its secrets, and understand who controls which gate (port).

🗺️ Map of the Digital Kingdom

(A visual guide to the ports and their guardians)

🌐 The Great Gates (0.0.0.0 & ::: – Open to All)

These ports allow entry from anywhere in the realm!

Port	Guardian (Service)	Role in the Kingdom
80	Nginx (Master)	The Web Gatekeeper – Allows HTTP travelers into the land.
443	Nginx (Master)	The Royal SSL Gate – Encrypts all messages (HTTPS).
22	OpenSSH	The Secure Tunnel – Only trusted knights (admins) may pass.
3478	TURN Server	The Ice Mage – Helps with WebRTC (video calls & gaming).
5000	Lua (Mystic Script)	A secret service – Possibly a custom app or API.
5222	Lua (XMPP?)	The Messenger’s Port – Used for chat (Jabber/XMPP).
5269	Lua (XMPP Server?)	The Messenger’s HQ – For server-to-server chat.
8080	Docker Proxy	The Dockworker – A containerized service (possibly web).

🏰 The Inner Keep (127.0.0.1 & ::1 – Local Only)

These ports are locked inside the castle walls—only local services may enter.

Port	Guardian (Service)	Role in the Kingdom
3306	MariaDB	The Royal Database – Stores all kingdom secrets.
5432	PostgreSQL	The Second Database – Another vault of knowledge.
5280	Lua (Admin?)	A hidden control panel – Possibly Prosody (XMPP admin).
5281	Lua (BOSH?)	A web messenger gateway – For browser-based chat.
25	Exim4	The Postmaster – Handles emails in the kingdom.
53	systemd-resolved	The Name Resolver – Converts names to IPs (DNS).
35333	containerd	The Docker Overseer – Manages containers.

🌌 The UDP Shadows (Stateless & Fast)

These are quick, connectionless messengers—great for real-time tasks.

Port	Guardian (Service)	Role in the Kingdom
3478 (UDP)	TURN Server	Helps with fast media streams (video/voice).
53 (UDP)	systemd-resolved	DNS Queries – Quickly finds where domains live.
5355 (UDP)	systemd-resolved	Multicast DNS – For local network discovery.

🎨 Diagram: The Digital Kingdom’s Network Fortress

  🌍 Internet Travelers
       │
       ▼
  🔓 Port 80 (HTTP)  🔒 Port 443 (HTTPS)
       │               │
       ▼               ▼
  🏰 Nginx (Master)  🔐 SSL Encryption
       │
       ├──▶ 🗃️ Docker (8080) → Container Secrets
       ├──▶ 💬 XMPP (5222, 5269) → Messengers
       ├──▶ 🧊 TURN (3478) → Video Calls
       └──▶ � SSH (22) → Admin Access
            │
            ▼
  🏯 Local Castle (127.0.0.1)
       ├──📦 MariaDB (3306) → Royal Records
       ├──📜 PostgreSQL (5432) → More Records
       ├──📨 Exim4 (25) → Messaging Pigeons (SMTP)
       └──🔍 DNS (53) → Address Book

🔍 The Mystery of Lua (Ports 5000, 5222, 5269, 5280, 5281)

A mysterious Lua-powered service controls multiple ports. Clues suggest:

5222 & 5269: Likely XMPP (Jabber chat) – Messengers delivering encrypted scrolls.
5280 & 5281: Could be Prosody (XMPP admin & BOSH) for web chat.
5000: Unknown—possibly a custom API or internal tool.

Quest: Run sudo lsof -i :5000 to uncover more secrets!

⚔️ Battle Plan for Migration (Nginx vs. Apache)

Since Nginx (Master) already rules ports 80 & 443, you must:

Redirect Apache’s forces to a new port (e.g., 8081).
Configure Nginx to proxy requests to Apache.
Retire Apache once all services swear loyalty to Nginx.

🏆 Conclusion: You’ve Mapped the Kingdom!

Now you know:

Nginx guards the main gates (80/443).
MariaDB & PostgreSQL protect the royal archives.
XMPP (Lua) runs the messenger network.
Docker hides services in magical containers.

Your next quest: Decide if Nginx shall rule alone or keep Apache as a vassal!

🚀 Adventure awaits! 🚀

VPS Hosting and ports : Episode 3