LinuxQuestions.org
Old 03-14-2005, 02:21 AM   #1
mcd
Member
 
Registered: Aug 2003
Location: Boulder, CO
Distribution: Slackware, RHEL, CentOS
Posts: 825

Rep: Reputation: 33
question about udp ports


i've set up an rc.firewall script using iptables, and gotten it all the way i want it (which is almost all closed off). i've got a server running sshd, sendmail and imapd, and i drop all incoming ports except those three like this:

iptables -P INPUT DROP
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 25 -j ACCEPT
iptables -A INPUT -p tcp --dport 143 -j ACCEPT

and that works well. i've tested sending and receiving email on my LAN and it's good. so my question is: do i need to open udp ports for anything? what are they for? are there important features of sendmail or imapd that i'm breaking?
 
Old 03-14-2005, 04:08 AM   #2
dylants
Member
 
Registered: Oct 2003
Location: Bath UK
Distribution: RedHat 7,9 RHEL 2.1-4 Suse 9.1, 9.2, Ubuntu, Centos 3-4, Fedora 3-5
Posts: 44

Rep: Reputation: 15
UDP is just another protocol that sits on top of IP. It is similar to TCP in that it uses ports to allow multiple processes to use the network interface of one machine (such as ssh sits on tcp port 22, smtp on tcp port 25...). The major difference between UDP and TCP is the fact that TCP is 'connection oriented' and UDP is 'connectionless'.

If you run
Code:
netstat -anp
you will get a list of the ports open by process and connection type (udp/tcp/unix). Unix connections are local to the machine (i.e. local inter process communications) and can be ignored. If there are any processes in this list that you wish to allow access to the network then you can add them to the iptables list. This output is also quite useful for enabling you to shut down processes that you don't want running (which will ultimately make your box quicker and more secure). If you don't know what a process does then googling for it will usually yield enough information to be able to make a decision.

HTH

Dylan
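
An added example, not part of the original posts: one way to turn the `netstat -anp` listing described above into a per-port decision, by comparing each listening socket with the ports the firewall accepts. The helper name `audit_listeners` and the sample listing are constructed for illustration.

```shell
# Added example (not from the thread): classify the sockets shown by
# `netstat -anp` against the ports the firewall has ACCEPT rules for.

# audit_listeners ALLOWED   (hypothetical helper; reads netstat text on stdin)
# ALLOWED is a space-separated list such as "tcp/22 tcp/25 tcp/143".
audit_listeners() {
    awk -v allowed="$1" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    /^Active UNIX/ { exit }                  # unix sockets are local IPC: stop
    $1 !~ /^(tcp|udp)6?$/ { next }           # skip headers and other rows
    {
        proto = $1; sub(/6$/, "", proto)     # fold tcp6/udp6 into tcp/udp
        if (proto == "tcp") {
            if ($6 != "LISTEN") next         # only listening TCP sockets
            prog = $7
        } else {
            if ($6 == "ESTABLISHED") next    # connected UDP socket, not a listener
            prog = $6                        # UDP rows have an empty State column
        }
        k = split($4, part, ":"); port = part[k]
        addr = substr($4, 1, length($4) - length(port) - 1)
        sub(/^[0-9]+\//, "", prog); sub(/:$/, "", prog)   # drop PID and trailing colon
        if (prog == "") prog = "-"
        key = proto "/" port
        if (addr ~ /^127\./ || addr == "::1") status = "loopback-only"
        else if (key in ok)                   status = "accepted"
        else                                  status = "no-accept-rule"
        print key, prog, status
    }'
}

# Constructed sample output, not captured from a real host.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/sshd
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      901/sendmail: accep
tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN      640/inetd
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      700/cupsd
tcp        0      0 192.168.1.10:22         192.168.1.50:40112      ESTABLISHED 1203/sshd
udp        0      0 0.0.0.0:68              0.0.0.0:*                           655/dhcpcd
udp        0      0 0.0.0.0:111             0.0.0.0:*                           590/rpc.portmap
Active UNIX domain sockets (servers and established)
EOF
}

sample_netstat | audit_listeners "tcp/22 tcp/25 tcp/143"
```

On a real host, pipe `netstat -anp` (run as root so the PID/Program column is filled in) into the function instead of the sample; any row marked `no-accept-rule` is a listener to either stop or add a rule for.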
 
Old 03-14-2005, 02:53 PM   #3
mcd
Member
 
Registered: Aug 2003
Location: Boulder, CO
Distribution: Slackware, RHEL, CentOS
Posts: 825

Original Poster
Rep: Reputation: 33
thanks, that helps clear things up a little. i'm just curious whether i need to open any udp ports. right now they're all closed down, even though in /etc/services ssh, smtp, and imap are all listed as both tcp and udp. with only the tcp ports open i don't seem to be having any trouble though, and i'm sure i'm safer. my question is do ssh, smtp and imap actually need udp for anything? or is /etc/services just wrong?
 
Old 03-15-2005, 04:13 AM   #4
dylants
Member
 
Registered: Oct 2003
Location: Bath UK
Distribution: RedHat 7,9 RHEL 2.1-4 Suse 9.1, 9.2, Ubuntu, Centos 3-4, Fedora 3-5
Posts: 44

Rep: Reputation: 15
Personally, I would search the project sites for more information for each of the servers that you are using, or take a look through the help pages for your distro. If there is nothing to indicate that these udp ports should be open then I would leave them alone.

/etc/services lists the commonly used ports for a particular service, and I believe it is used by certain processes as a lookup, and indicates that these processes can use udp if tcp is not available/desired by the process.

HTH

Dylan
 
  


All times are GMT -5. The time now is 10:43 PM.
