How do I open a port in Linux CentOS 5 for an Informix server ?
How do I open a port in Linux CentOS 5 for an Informix server ?
in /etc/services I added the service and put in there the port number. Is there any other changes that I should make ? When I do telnet destionationhost 1526 from a windows machine it tells me that could not open connection to the host on that port. Connect failed. I know that if a port is open, I should be able to connect with telnet. My firewall is disabled (policy accept from all - input output, forward, etc all chains) iptables -A INPUT -i eth0 -p udp --sport 1526 -m state --state ESTABLISHED -j ACCEPT and -p tcp iptables -A INPUT -p udp --dport 1526 -j ACCEPT and -p tcp still... those commands are useless since the firewall is off by default, did iptables -F in rc.local so everytime when the machine restarts the firewall is "disabled" I mean it accepts all connections. One more thing, I know that linux boxes have the se linux thing. I remember that when I installed the se linux was disabled, but still... where do I need to disable that if it's enable ? And how do I test it ? netstat -nap | grep :1526 tcp 0 0 127.0.0.1:1526 0.0.0.0:* LISTEN 7128/oninit |
to disable selinux you need to modify /etc/selinux/config with the following line "SELINUX=disabled"
Can you ping your destinationhost from the windows machine or SSH from there? |
Quote:
Ok, just as I thought, that selinux was enabled in selinux/config I had the line SELINUX=enforcing now I modify it to disabled did restart (reboot) and it's still now working. I remember that one month ago when the CentOS 5 and the informix wasn't reinstalled it worked fine. Let me reformulate. I had the same configuration (I gues) one month ago. Now I have reinstalled the CentOS and informix server and I can't longer connect to the 1526 port using telnet. Anyway, it was a good one with that selinux to be disabled. Thankx. Any other suggestions, please ? |
Can you telnet localhost 1526 from your CentOS mahcine?
|
Quote:
|
Sorry, was having trouble with the quote function.
|
centos82 read carefull all what I said. I said that one month ago I had the same configuration, informix server installed and centos installed, now I have reinstalled CentOS and informix server and now the telnet dosen't work on 1526port.
http://www.idevelopment.info/data/Un...TPAsRoot.shtml I did what they said there, I can connect to telnet as root and use the telnet as a ssh *(putty) If I telnet from a windows machine to the ip of the server and port 22 it lets me in so it's just fine but dosen't let me connect on port 1526. |
Can you telnet localhost 1526 from your centos server?
|
Quote:
Yes, it worked. Connection closed by foreign host. [root@xxxx ~]# telnet localhost 1526 Trying 127.0.0.1... Connected to localhost.localdomain (127.0.0.1). Escape character is '^]'. now I pressed enter Connection closed by foreign host. [root@xxxx ~]# It seems that I can connect but only from localhost. What seems to be the problem then ? One more thing. I am with the windows machine in a domain and the CentOS server dosen't have a DNS name associated in the domain controller. Thing is, I don't remember but I think that one month ago it wasn't the Centos server associated with a dns in the domain controller so I think this isn't the problem but I t hough that I should let you know. The windows machine is 172.16.12.x and the Centos is 172.16.100.x If I ping it it replys me, so it's ok. |
I installed mysql-server for a test. I successfully connected to port 3306 via telnet.
|
You have an interesting problem. You can connect locally, you can connect to other ports remotely.
What does iptables -L show you? How many NICs are configured on your CentOS machine? |
What does "cat /etc/services |grep 1526" show?
Then "lsof |grep <first 4 character of port listed for 1526" ex. (root@ctrl) [/root]$ cat /etc/services |grep 1526 pdap-np 1526/tcp # Prospero Data Access Prot non-priv pdap-np 1526/udp # Prospero Data Access Prot non-priv (root@ctrl) [/root]$ lsof |grep pdap I've got nothing running on 1526 so nothing returns from lsof but you should get something if its running. |
Ok, so let's recapitulate:
I have CentOS 5 X86_64 and Informix server 9.40 UC2 1. I can ping the linux machine from the windows machine. 2. I can connect to port 22 using telnet. 3. I can connect to port 3306 *(mysqlserver) from the localhost linux machine server. [root@xxxx ~]# telnet localhost 3306 Trying 127.0.0.1... Connected to localhost.localdomain (127.0.0.1). Escape character is '^]'. 4 5.0.45!{n4V4B/,b"~w[@l$jma~quit Bad handshakeConnection closed by foreign host. [root@xxxx ~]# 4. I can connect to port 3306 *(mysqlserver) from a windows machine using telnet. 5. The iptables are default policy set to accept. Anyway I have added the exception for the port 1526 tcp and udp, just to be done. 6. I have disabled the SE linux enforcing. 7. I can connect to port 1526 to the linux machine but only from the localhost - using root. [root@xxxx ~]# telnet localhost 1526 Trying 127.0.0.1... Connected to localhost.localdomain (127.0.0.1). Escape character is '^]'. quit Connection closed by foreign host. [root@xxxx ~]# Dear centos82, I said I have the policy of iptables (chains) set to accept as default. Did iptables -F and put the exception iptables command for the port 1526, but I'm sure I didn't have to do that. Anyway, here's the output log: [root@xxxx ~]# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT udp -- anywhere anywhere udp dpt:pdap-np ACCEPT tcp -- anywhere anywhere tcp dpt:onserv ACCEPT udp -- anywhere anywhere udp spt:pdap-np sta te ESTABLISHED ACCEPT tcp -- anywhere anywhere tcp spt:onserv stat e ESTABLISHED Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain RH-Firewall-1-INPUT (0 references) target prot opt source destination [root@xxxx ~]# And you are very right :) I can connect to 1526 from localhost but can't connect from a remote windows machine. |
According to your 1st post
Quote:
You probably need to change Informix cfg to listen on the relevant IP. |
Quote:
[root@xxxx ~]# cat /etc/services |grep 1526 onserv 1526/tcp #Pt informix server pdap-np 1526/tcp # Prospero Data Access Prot non-priv pdap-np 1526/udp # Prospero Data Access Prot non-priv [root@xxxx ~]# ===================================================================== [root@xxxx ~]# lsof |grep onserv oninit 6321 informix 5u IPv4 20644 TCP herculetest:onserv (LISTEN) [root@xxxx ~]# damn smiley :)) [root@xxxx ~]# lsof |grep onserv oninit 6321 informix 5u IPv4 20644 TCP herculetest: onserv (LISTEN) [root@xxxx ~]# |
All times are GMT -5. The time now is 09:26 PM. |