-   Linux - Networking (
-   -   Blocked ports. Can not find where. Help! (

maggus 09-05-2009 03:12 PM

Blocked ports. Can not find where. Help!
I have got access to a remote linux box, where I need to install my application. My app listens on certain TCP port expecting connections from outside world. I have started my app successfully and it has bound to a port and listening. Connection from localhost are ok. But I can not connect from outside world. I have tried different ports and I have found that port 8080-8082 are working, but not other random ports. It is like ports are block but I do not know where? iptables has no rules in it. netstat looks ok two.


debian:~# netstat -lan
tcp6      0      0      :::*                    LISTEN


debian:~# iptables --list -n -v
Chain INPUT (policy ACCEPT 4176 packets, 428K bytes)
 pkts bytes target    prot opt in    out    source              destination   

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target    prot opt in    out    source              destination       

Chain OUTPUT (policy ACCEPT 4125 packets, 678K bytes)
 pkts bytes target    prot opt in    out    source              destination
shows that the port is blocked.

Any ideas?


PTrenholme 09-05-2009 04:28 PM

How are you connected to the remote site? Most network access connection devices (DSL modems, commercial cable modems, etc.) contain their own firewalls.

maggus 09-05-2009 05:15 PM

I have not been given any additional information on how that remote box is connected to the internet. As far as I can tell it is a dedicated server at some hosting provider and it has a static ip. traceroute shows that there is another ip address in the same subnet, which connection goes through. I guess that could be a gate or a router but I have no access for it. Do you think ports could be blocked by the hosting provider's router?

repo 09-05-2009 05:16 PM

Perhaps you can contact support?

PTrenholme 09-05-2009 06:46 PM

Actually, I was asking about your connection to the remote Linux box. I was assuming that, by "remote" you had implied that your route was passing through some type of hardware connecting to a leased cable or similar infrastructure. My point was that the lease vendor often installs a hardware firewall on the connection that wouldn't necessarily be visible in the traceroute output. Actually, such a firewall could be at either end of your connection or internal to any switch through which your signal is passed (although, of course, switches - by definition - are supposed to pass every routable datagram). Some "switches" are internal to things like modems, and modems often do provide firewalls.

maggus 09-06-2009 11:43 AM

My box connection probably does not matter, since I have checked ports using third party public service like and they are seams to be blocked two.
Bu t I see your point. Bottomline, I would need to talk to hosting support first about this remote box connection specifics.

All times are GMT -5. The time now is 11:50 PM.