LinuxQuestions.org > Linux - Networking
This forum is for any issue related to networks or networking. Routing, network cards, OSI, etc. Anything is fair game.
i've set up an rc.firewall script using iptables, and gotten it all the way i want it (which is almost all closed off). i've got a server running sshd, sendmail and imapd, and i drop all incoming ports except those three like this:
iptables -P INPUT DROP
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 25 -j ACCEPT
iptables -A INPUT -p tcp --dport 143 -j ACCEPT
and that works well. i've tested sending and receiving email on my LAN and it's good. so my question is: do i need to open udp ports for anything? what are they for? are there important features of sendmail or imapd that i'm breaking?
UDP is just another protocol that sits on top of IP. It is similar to TCP in that it uses ports to allow multiple processes to use the network interface of one machine (such as ssh sits on tcp port 22, smtp on tcp port 25...). The major difference between UDP and TCP is the fact that TCP is 'connection oriented' and UDP is 'connectionless'.
If you run
you will get a list of the ports open by process and connection type (udp/tcp/unix). Unix connections are local to the machine (i.e. local inter-process communication) and can be ignored. If there are any processes in this list that you wish to allow access to the network then you can add them to the iptables list. This output is also quite useful for enabling you to shut down processes that you don't want running (which will ultimately make your box quicker and more secure). If you don't know what a process does then googling for it will usually yield enough information to be able to make a decision.
thanks, that helps clear things up a little. i'm just curious whether i need to open any udp ports. right now they're all closed down, even though in /etc/services ssh, smtp, and imap are all listed as both tcp and udp. with only the tcp ports open i don't seem to be having any trouble though, and i'm sure i'm safer. my question is do ssh, smtp and imap actually need udp for anything? or is /etc/services just wrong?
Personally, I would search the project sites for more information for each of the servers that you are using, or take a look through the help pages for your distro. If there is nothing to indicate that these udp ports should be open then I would leave them alone.
/etc/services lists the commonly used ports for a particular service, and I believe it is used by certain processes as a lookup, and indicates that these processes can use udp if tcp is not available/desired by the process.
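The two replies above describe the same audit in words: list what is actually listening, compare it against the iptables INPUT rules, and treat /etc/services as a name-to-number table rather than proof that a port is in use. The script below is an added example (it is not from this thread and not part of any distro tooling) that does that comparison on constructed sample input: a netstat-style listing shaped like the poster's server plus two invented UDP listeners, the poster's four iptables lines verbatim, and a hand-written excerpt of /etc/services. Replace the three sample strings with real output to run it against a host.

```python
"""Cross-check listening sockets, iptables INPUT rules and /etc/services.

Added example, not code from the thread. All three inputs are constructed
samples: netstat -lnp style rows, the poster's rc.firewall rules, and an
/etc/services excerpt. Swap in real output to audit an actual machine.
"""
from collections import namedtuple

# Constructed: what `netstat -lnp` might print on the poster's server, plus
# two invented UDP listeners (ntpd and a loopback-only resolver) for contrast.
NETSTAT_SAMPLE = """\
tcp   0  0 0.0.0.0:22    0.0.0.0:*   LISTEN   812/sshd
tcp   0  0 0.0.0.0:25    0.0.0.0:*   LISTEN   901/sendmail
tcp   0  0 0.0.0.0:143   0.0.0.0:*   LISTEN   944/imapd
udp   0  0 0.0.0.0:123   0.0.0.0:*            1020/ntpd
udp   0  0 127.0.0.1:53  0.0.0.0:*            1100/named
"""

# The poster's rc.firewall rules, as given in the thread.
FIREWALL_SAMPLE = """\
iptables -P INPUT DROP
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 25 -j ACCEPT
iptables -A INPUT -p tcp --dport 143 -j ACCEPT
"""

# Constructed /etc/services excerpt: every name has both a tcp and a udp line.
SERVICES_SAMPLE = """\
ssh      22/tcp
ssh      22/udp
smtp     25/tcp
smtp     25/udp
imap     143/tcp   imap2
imap     143/udp   imap2
ntp      123/tcp
ntp      123/udp
domain   53/tcp
domain   53/udp
"""

Listener = namedtuple("Listener", "proto addr port program")
Verdict = namedtuple("Verdict", "proto port program service verdict")


def parse_listeners(text):
    """Parse netstat-style rows. UDP rows have no STATE column, so the local
    address is taken by position and the program from the last field."""
    out = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 5 or f[0] not in ("tcp", "udp"):
            continue
        addr, port = f[3].rsplit(":", 1)
        out.append(Listener(f[0], addr, int(port), f[-1]))
    return out


def parse_firewall(text):
    """Return (chain policy, set of (proto, dport) pairs ACCEPTed on INPUT)."""
    policy, accepted = "ACCEPT", set()
    for line in text.splitlines():
        t = line.split()
        if "-P" in t and t[t.index("-P") + 1] == "INPUT":
            policy = t[t.index("-P") + 2]
        elif "-A" in t and t[t.index("-A") + 1] == "INPUT":
            if "-p" in t and "--dport" in t and t[t.index("-j") + 1] == "ACCEPT":
                accepted.add((t[t.index("-p") + 1], int(t[t.index("--dport") + 1])))
    return policy, accepted


def parse_services(text):
    """Map (proto, port) -> service name, exactly the lookup /etc/services provides."""
    names = {}
    for line in text.splitlines():
        f = line.split()
        if len(f) < 2 or "/" not in f[1]:
            continue
        port, proto = f[1].split("/")
        names[(proto, int(port))] = f[0]
    return names


def audit(netstat=NETSTAT_SAMPLE, firewall=FIREWALL_SAMPLE, services=SERVICES_SAMPLE):
    """For every listening socket, say whether the INPUT chain lets it through."""
    policy, accepted = parse_firewall(firewall)
    names = parse_services(services)
    report = []
    for l in parse_listeners(netstat):
        if l.addr.startswith("127."):
            verdict = "loopback-only"   # not reachable from the network regardless
        elif (l.proto, l.port) in accepted:
            verdict = "ACCEPT"
        else:
            verdict = policy            # no rule matched: chain policy applies
        report.append(Verdict(l.proto, l.port, l.program,
                              names.get((l.proto, l.port), "?"), verdict))
    return report


def unused_service_entries(netstat=NETSTAT_SAMPLE, services=SERVICES_SAMPLE):
    """/etc/services entries (name, port, proto) with nothing listening on them."""
    listening = {(l.proto, l.port) for l in parse_listeners(netstat)}
    return sorted((name, port, proto)
                  for (proto, port), name in parse_services(services).items()
                  if (proto, port) not in listening)


if __name__ == "__main__":
    for v in audit():
        print(f"{v.proto:3} {v.port:5} {v.program:14} {v.service:7} -> {v.verdict}")
    print("services entries with nothing listening:")
    for name, port, proto in unused_service_entries():
        print(f"  {name} {port}/{proto}")
```

On the sample data the three TCP daemons come out as ACCEPT, the invented ntpd socket falls through to the DROP policy, and the udp lines for ssh, smtp and imap show up as /etc/services entries with no listener at all, which is the distinction the last reply is making: the file records a conventional number for each transport, and only the socket listing tells you whether a daemon actually opened it.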