LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 06-21-2009, 08:16 AM   #1
m1n
Member
 
Registered: Feb 2009
Posts: 33

Rep: Reputation: 15
can't connect with port


Hi all. I can't connect to the server (rhel5) from my notebook (winXP) using port 1521. ( i need this port to use some softeware on the server )

on the server(selinux disabled):
Quote:
[root@bb ~]# netstat -na | grep 1521
tcp 0 0 0.0.0.0:1521 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:1521 127.0.0.1:28416 ESTABLISHED
tcp 0 0 127.0.0.1:28416 127.0.0.1:1521 ESTABLISHED
unix 2 [ ACC ] STREAM LISTENING 14564 /var/tmp/.oracle/sEXTPROC1521

[root@bb ~]# telnet xx.xx.xx.xx 1521
Trying xx.xx.xx.xx...
Connected to xx.xx.xx.xx (xx.xx.xx.xx).
Escape character is '^]'.
Connection closed by foreign host.
on the notebook (brandmawwr is turned off):

Quote:
> telnet xx.xx.xx.xx 1521
Enable to connect
> telnet xx.xx.xx.xx 22
SSH-OpenSSH_4.3
What may be wrong?
 
Old 06-21-2009, 08:19 AM   #2
harry edwards
Member
 
Registered: Nov 2007
Location: Lincolnshire, UK
Distribution: CentOS, Fedora, and Suse
Posts: 365

Rep: Reputation: 48
Is port 1521 open on the server's firewall?
 
Old 06-21-2009, 08:32 AM   #3
m1n
Member
 
Registered: Feb 2009
Posts: 33

Original Poster
Rep: Reputation: 15
I've made some chages to the /etc/sysconfig/iptables
and then restrated it:

Quote:
Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited



# ADDED BY ME:
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 1521 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 1521 -j ACCEPT
#

COMMIT
 
Old 06-21-2009, 08:40 AM   #4
kirukan
Senior Member
 
Registered: Jun 2008
Location: Eelam
Distribution: Redhat, Solaris, Suse
Posts: 1,274

Rep: Reputation: 148Reputation: 148
Quote:
# ADDED BY ME:
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 1521 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 1521 -j ACCEPT
#
Add this two chain before REJECT input traffic, i think all these input chains are executing one-by-one in an order
 
Old 06-21-2009, 08:46 AM   #5
m1n
Member
 
Registered: Feb 2009
Posts: 33

Original Poster
Rep: Reputation: 15
thanks a lot!!!!

Last edited by m1n; 06-21-2009 at 08:52 AM.
 
Old 06-21-2009, 09:06 AM   #6
m1n
Member
 
Registered: Feb 2009
Posts: 33

Original Poster
Rep: Reputation: 15
And the last question. I've done the same stuff for 7001 port but it coused the same problem ( i can't telnet it from the notebook)

Quote:
[root@bb Server]# iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 255
ACCEPT esp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT ah -- 0.0.0.0/0 0.0.0.0/0
ACCEPT udp -- 0.0.0.0/0 224.0.0.251 udp dpt:5353
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:631
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:631
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:1521
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:1521
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:7001
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:7001
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
 
Old 06-21-2009, 09:25 AM   #7
harry edwards
Member
 
Registered: Nov 2007
Location: Lincolnshire, UK
Distribution: CentOS, Fedora, and Suse
Posts: 365

Rep: Reputation: 48
Is anything listening on 7001? Also, You seem to have duplicated the same rule?
 
Old 06-21-2009, 10:03 AM   #8
m1n
Member
 
Registered: Feb 2009
Posts: 33

Original Poster
Rep: Reputation: 15
Sorry i forgot that someone must to listen to that port. Thanks a lot! Now it works fine!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Fedora 10 com1 port will not connect to router console port using minicom rgjr979 Linux - Newbie 4 12-28-2009 06:35 PM
iptables help! DROP ssh port, but allow to connect to ssh if from 2222 port kandzha Linux - Networking 4 09-13-2006 10:10 AM
Can't Connect to port 25 diegofalciola Linux - Networking 18 12-06-2003 04:04 PM
Cant connect on port 80 slackwarefan Linux - Networking 5 10-26-2003 04:31 AM
can connect to port 25 zonelight Linux - Software 1 09-16-2003 05:12 AM


All times are GMT -5. The time now is 06:09 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration