LinuxQuestions.org
Old 10-09-2011, 12:59 PM   #1
JD0192
LQ Newbie
 
Registered: Oct 2011
Posts: 2

Rep: Reputation: Disabled
How do I open ports on CentOS?


I need to open ports 1 - 35000 on CentOS 5, UDP and TCP, inbound/outbound.

I know the security issues, I just need a solution.

My current Rules:
Quote:
-A INPUT -p tcp -m tcp --dport 1:35000 -j ACCEPT
-A INPUT -p udp -m udp --dport 1:35000 -j ACCEPT
NOTE: This is for a VPN.


Full iptables rules:
Quote:
# Generated by iptables-save v1.3.5 on Sun Oct 9 03:51:32 2011
*mangle
:PREROUTING ACCEPT [8186:444027]
:INPUT ACCEPT [8143:442218]
:FORWARD ACCEPT [43:1809]
:OUTPUT ACCEPT [8078:387238]
:POSTROUTING ACCEPT [8121:389047]
COMMIT
# Completed on Sun Oct 9 03:51:32 2011
# Generated by iptables-save v1.3.5 on Sun Oct 9 03:51:32 2011
*filter
:INPUT ACCEPT [111:13706]
:FORWARD ACCEPT [43:1809]
:OUTPUT ACCEPT [8078:387238]
-A INPUT -p tcp -m tcp --dport 1:35000 -j ACCEPT
-A INPUT -p udp -m udp --dport 1:35000 -j ACCEPT
-A INPUT -s 211.47.235.17 -j DROP
-A INPUT -s 92.239.245.180 -p tcp -m tcp --dport 22 -j ACCEPT
-A FORWARD -s 172.16.36.0/255.255.255.0 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j TCPMSS --set-mss 1356
COMMIT
# Completed on Sun Oct 9 03:51:32 2011
# Generated by iptables-save v1.3.5 on Sun Oct 9 03:51:32 2011
*nat
:PREROUTING ACCEPT [7438:375817]
:POSTROUTING ACCEPT [78:6968]
:OUTPUT ACCEPT [78:6968]
-A POSTROUTING -s 172.16.36.0/255.255.255.0 -j SNAT --to-source 1XX.X4X.XX.XX
-A POSTROUTING -s 172.16.36.0/255.255.255.0 -j SNAT --to-source 1XX.X4X.XX.XX
COMMIT
# Completed on Sun Oct 9 03:51:32 2011

What am I doing wrong here?
 
Old 10-09-2011, 02:38 PM   #2
dman777
Member
 
Registered: Dec 2010
Distribution: Gentoo
Posts: 224

Rep: Reputation: 8
From what I've been told, iptables does not close ports; it's only when you have the INPUT filter policy defaulted to DROP or REJECT that nothing gets through. You have your INPUT default policy set to ACCEPT, so it's going to accept everything... hence, no need for rules to ACCEPT. I would guess it has something to do with your FORWARD chain.
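
Added example, not part of the thread or any poster's code: a small Python audit of iptables-save output that applies the point made in the reply above (ACCEPT rules in a chain whose policy is already ACCEPT open nothing) and goes one step further by flagging ACCEPT rules evaluated ahead of a later DROP/REJECT in the same chain, since the first matching rule wins. The function names are hypothetical, the sample is the first post's *filter table with counters zeroed, and only DROP/REJECT rules in the same chain are considered (jumps to user-defined chains are not followed).

```python
import shlex

# Constructed sample: the *filter table from the first post, counters zeroed.
SAMPLE = """\
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 1:35000 -j ACCEPT
-A INPUT -p udp -m udp --dport 1:35000 -j ACCEPT
-A INPUT -s 211.47.235.17 -j DROP
-A INPUT -s 92.239.245.180 -p tcp -m tcp --dport 22 -j ACCEPT
-A FORWARD -s 172.16.36.0/255.255.255.0 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j TCPMSS --set-mss 1356
COMMIT
"""

BLOCKING = {"DROP", "REJECT"}  # terminal targets that deny a packet

def parse(text):
    """Return ({(table, chain): policy}, {(table, chain): [(target, rule_line)]})."""
    policies, rules, table = {}, {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("*"):            # table header, e.g. *filter
            table = line[1:]
        elif line.startswith(":"):          # chain policy, e.g. :INPUT ACCEPT [0:0]
            chain, policy = line[1:].split()[:2]
            policies[(table, chain)] = policy
        elif line.startswith("-A "):        # appended rule, kept in evaluation order
            tok = shlex.split(line)
            target = tok[tok.index("-j") + 1] if "-j" in tok else None
            rules.setdefault((table, tok[1]), []).append((target, line))
    return policies, rules

def audit(text):
    """Classify each ACCEPT rule found in a chain whose default policy is ACCEPT."""
    policies, rules = parse(text)
    findings = []
    for (table, chain), policy in policies.items():
        chain_rules = rules.get((table, chain), []) if policy == "ACCEPT" else []
        for i, (target, line) in enumerate(chain_rules):
            if target == "ACCEPT":
                later = [l for t, l in chain_rules[i + 1:] if t in BLOCKING]
                findings.append((chain, "precedes-block" if later else "redundant", line, later))
    return findings

if __name__ == "__main__":
    for chain, verdict, line, later in audit(SAMPLE):
        print(f"{chain}: {verdict}: {line}", *("    evaluated before: " + l for l in later), sep="\n")
```

A `redundant` finding means the rule does not change the verdict; a `precedes-block` finding means packets matching it never reach the listed DROP/REJECT rule.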
 
Old 10-09-2011, 03:06 PM   #3
JD0192
LQ Newbie
 
Registered: Oct 2011
Posts: 2

Original Poster
Rep: Reputation: Disabled
So what do you think I should do about the forward rule?
 
  

