LinuxQuestions.org
Old 09-22-2011, 05:14 PM   #1
john_erlandsson
Member
 
Registered: Jul 2009
Location: Sweden
Distribution: Fedora
Posts: 70

Rep: Reputation: 1
Can't open ports in Fedora 15


Hi!

This is a problem which I have had since fc12.

My firewall settings don't seem to take.

I have successfully set up ssh on my laptop (Fedora 15 desktop edition), and I am able to ssh in to that computer from my workstation (Fedora 15 KDE). But it doesn't work the other way around.

Code:
#nmap [LAPTOP IP]
Host is up (0.017s latency).
Not shown: 998 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh
111/tcp open  rpcbind


#nmap [WORKSTATION IP]
Host is up (0.0016s latency).
Not shown: 997 closed ports
PORT     STATE SERVICE
23/tcp   open  telnet
80/tcp   open  http
9000/tcp open  cslistener

#nmap localhost (on workstation)
Starting Nmap 5.50 ( http://nmap.org ) at 2011-09-23 00:15 CEST
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000012s latency).
rDNS record for 127.0.0.1: localhost.localdomain
Not shown: 996 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh
25/tcp  open  smtp
111/tcp open  rpcbind
631/tcp open  ipp
The strange thing is that the output from scanning the workstation is the same regardless of my firewall settings.
I tried:
  • Disabling firewall settings
  • Disabling SELINUX
  • Stopping both iptables and ip6tables services
It doesn't make a difference.

This is the status of iptables (With firewall enabled)
Quote:
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
2 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
4 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
5 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:21
6 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
7 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
8 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:3483
9 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:3483
10 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:9000
11 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:9000
12 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:9090
13 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:9092
14 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
num target prot opt source destination
1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
2 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
4 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
5 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
And this is ip6tables
Quote:
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT all ::/0 ::/0 state RELATED,ESTABLISHED
2 ACCEPT icmpv6 ::/0 ::/0
3 ACCEPT all ::/0 ::/0
4 ACCEPT all ::/0 ::/0
5 ACCEPT tcp ::/0 ::/0 state NEW tcp dpt:21
6 ACCEPT tcp ::/0 ::/0 state NEW tcp dpt:22
7 ACCEPT tcp ::/0 ::/0 state NEW tcp dpt:80
8 ACCEPT udp ::/0 ::/0 state NEW udp dpt:3483
9 ACCEPT tcp ::/0 ::/0 state NEW tcp dpt:3483
10 ACCEPT tcp ::/0 ::/0 state NEW tcp dpt:9000
11 ACCEPT udp ::/0 ::/0 state NEW udp dpt:9000
12 ACCEPT tcp ::/0 ::/0 state NEW tcp dpt:9090
13 ACCEPT tcp ::/0 ::/0 state NEW tcp dpt:9092
14 REJECT all ::/0 ::/0 reject-with icmp6-adm-prohibited

Chain FORWARD (policy ACCEPT)
num target prot opt source destination
1 ACCEPT all ::/0 ::/0 state RELATED,ESTABLISHED
2 ACCEPT icmpv6 ::/0 ::/0
3 ACCEPT all ::/0 ::/0
4 ACCEPT all ::/0 ::/0
5 REJECT all ::/0 ::/0 reject-with icmp6-adm-prohibited

Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
Does this make sense to anyone?

Last edited by john_erlandsson; 09-22-2011 at 05:18 PM.
 
Old 09-22-2011, 06:39 PM   #2
kbp
Senior Member
 
Registered: Aug 2009
Posts: 3,790

Rep: Reputation: 653
Quote:
#nmap [WORKSTATION IP]
Host is up (0.0016s latency).
Not shown: 997 closed ports
PORT STATE SERVICE
23/tcp open telnet
80/tcp open http
9000/tcp open cslistener

#nmap localhost (on workstation)
Starting Nmap 5.50 ( http://nmap.org ) at 2011-09-23 00:15 CEST
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000012s latency).
rDNS record for 127.0.0.1: localhost.localdomain
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
111/tcp open rpcbind
631/tcp open ipp
My guess is that these are not the same machine. Are you sure you scanned the correct IP address for your workstation when you ran nmap remotely? ... The ports listed look more like a print server.

Quote:
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
2 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
4 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
5 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:21
6 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
7 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
8 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:3483
9 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:3483
10 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:9000
11 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:9000
12 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:9090
13 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:9092
14 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Your firewall rules are mostly ineffective: all inbound traffic not matching rules 1+2 will match rule 3, and the rules after rule 3 will never match anything.

Please provide the output of 'netstat -tnlp', 'ip addr' and 'ip route' from your workstation, which will tell us what ports are actually listening and what your IP address is.
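The rule-ordering check raised in post #2 can be run mechanically over a listing like the one posted. This is an added example, not part of the thread: the function names are hypothetical, and it assumes one chain in the non-verbose format shown above, which has no interface columns, so a rule it flags may in fact be limited to one interface (for example loopback).

```python
import re

# Constructed sample: INPUT chain lines copied from the thread, abridged.
LISTING = """\
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
2 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
4 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
5 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:21
6 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
14 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
"""

# num target prot [opt] source destination [match/target options]
# The "--" opt column is optional so the ip6tables listing parses too.
RULE = re.compile(r"^(\d+)\s+(\S+)\s+(\S+)\s+(?:--\s+)?(\S+)\s+(\S+)\s*(.*)$")
TERMINAL = {"ACCEPT", "DROP", "REJECT"}   # targets that end chain traversal
ANY_ADDR = {"0.0.0.0/0", "::/0"}

def parse_rules(listing):
    """Turn numbered rule lines into dicts; header lines are skipped."""
    rules = []
    for line in listing.splitlines():
        m = RULE.match(line.strip())
        if m:
            num, target, prot, src, dst, extra = m.groups()
            rules.append({"num": int(num), "target": target, "prot": prot,
                          "src": src, "dst": dst, "extra": extra.strip()})
    return rules

def is_catch_all(rule):
    """True if the listing shows no match condition on a terminal rule."""
    # "reject-with ..." is an option of the REJECT target, not a match.
    matches = re.sub(r"reject-with \S+", "", rule["extra"]).strip()
    return (rule["target"] in TERMINAL and rule["prot"] == "all"
            and rule["src"] in ANY_ADDR and rule["dst"] in ANY_ADDR
            and not matches)

def find_shadowing(listing):
    """Return (catch-all rule number, numbers of rules after it) or None."""
    rules = parse_rules(listing)
    for i, rule in enumerate(rules[:-1]):   # a final catch-all shadows nothing
        if is_catch_all(rule):
            return rule["num"], [r["num"] for r in rules[i + 1:]]
    return None

if __name__ == "__main__":
    print(find_shadowing(LISTING))
```

A hit should be confirmed with `iptables -L INPUT -n -v --line-numbers`, whose verbose output adds the in/out interface columns that this listing omits.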
 
  

