LinuxQuestions.org
Old 04-28-2011, 02:34 AM   #1
amartlk
Member
 
Registered: Sep 2010
Location: Nagpur India
Posts: 347

Rep: Reputation: 1
how to open port


Hi,
I have CentOS 5.3 installed with the iptables firewall. I want to open port 5222, as I want to access an application which uses port 5222 from the internet.

Pls help.

Regards
Amar
 
Old 04-28-2011, 05:27 AM   #2
amartlk
Member
 
Registered: Sep 2010
Location: Nagpur India
Posts: 347

Original Poster
Rep: Reputation: 1
pls reply

Amar
 
Old 04-28-2011, 05:32 AM   #3
brownie_cookie
Member
 
Registered: Mar 2011
Location: Belgium
Distribution: CentOS release 5.5 (Final), Red Hat Enterprise Linux ES release 4 (Nahant Update 8)
Posts: 416
Blog Entries: 2

Rep: Reputation: 12
HTH

let us know if that worked for you

Kind regards
 
Old 04-28-2011, 07:16 AM   #4
amartlk
Member
 
Registered: Sep 2010
Location: Nagpur India
Posts: 347

Original Poster
Rep: Reputation: 1
Thanks for the reply.
It did not work for me. Actually I have 2 LAN cards on the server, eth0 connected to the internal LAN and eth1 to the ISP internet, and my internet is controlled through a Squid proxy; here I also made an ACL for port 5222. I added a rule in iptables as follows:
-A INPUT -p tcp -m tcp -m state -i eth1 --dport 5222 --state NEW,ESTABLISHED,RELATED -j ACCEPT
and fired the command netstat tlpn | grep 5222, but it did not show anything.


Regards
Amar
 
Old 04-28-2011, 07:24 AM   #5
brownie_cookie
Member
 
Registered: Mar 2011
Location: Belgium
Distribution: CentOS release 5.5 (Final), Red Hat Enterprise Linux ES release 4 (Nahant Update 8)
Posts: 416
Blog Entries: 2

Rep: Reputation: 12
Have you restarted your services?
 
Old 04-28-2011, 07:32 AM   #6
omgs
Member
 
Registered: Dec 2010
Posts: 64

Rep: Reputation: 6
First of all, the app should be running on the expected port, 5222 in your case. As long as this doesn't happen, nothing will work, and according to your netstat, there's nothing running on that port.
 
Old 04-28-2011, 07:49 AM   #7
amartlk
Member
 
Registered: Sep 2010
Location: Nagpur India
Posts: 347

Original Poster
Rep: Reputation: 1
I restarted the services. Is the iptables rule I wrote OK or not, according to the LAN setup I explained earlier? And the app is running on port 5222.


AMar
 
Old 04-28-2011, 08:08 AM   #8
omgs
Member
 
Registered: Dec 2010
Posts: 64

Rep: Reputation: 6
Quote:
Originally Posted by amartlk
...
and fired the command netstat tlpn | grep 5222, but it did not show anything.
If your command doesn't show any lines with 5222, which includes the listening port, that means that there's nothing listening on port 5222. If I'm missing something, please elaborate more clearly.
 
Old 04-28-2011, 08:20 AM   #9
amartlk
Member
 
Registered: Sep 2010
Location: Nagpur India
Posts: 347

Original Poster
Rep: Reputation: 1
Hi,

The app is listening on port 5222 on the server. I want to access this app from the internet; for that I need to unblock port 5222. I mentioned the rule I applied on my firewall server, i.e. the internet server, but it shows nothing. Pls guide.
 
Old 04-28-2011, 08:28 AM   #10
savona
Member
 
Registered: Mar 2011
Location: Bellmawr, NJ
Distribution: Red Hat / Fedora
Posts: 195

Rep: Reputation: 50
To rule out firewall problems, try flushing all the rules. This will allow ALL traffic, so make sure you set everything back quickly after testing.

1) Copy current iptables file just in case:

cp /etc/sysconfig/iptables /root/iptables

2) Flush iptables rules and allow all traffic

iptables -F

3) Test your app and see if you can access it from the internet; if not, it's an application issue, NOT iptables. To replace all your iptables rules run the following command.

/etc/init.d/iptables restart

4) Confirm your iptables rules are back.

iptables -L -v
 
Old 04-28-2011, 08:59 AM   #11
amartlk
Member
 
Registered: Sep 2010
Location: Nagpur India
Posts: 347

Original Poster
Rep: Reputation: 1
After flushing the iptables rules the app is working.
 
Old 04-28-2011, 09:23 AM   #12
savona
Member
 
Registered: Mar 2011
Location: Bellmawr, NJ
Distribution: Red Hat / Fedora
Posts: 195

Rep: Reputation: 50
Quote:
Originally Posted by amartlk
After flushing the iptables rules the app is working.
Great, so now let's open the port.


This is how I would do it.

To open port 5222 traffic using TCP add the following:

iptables -I INPUT -p tcp -i eth1 --dport 5222 -j ACCEPT


If you're using UDP (or both) add this:
iptables -I INPUT -p udp -i eth1 --dport 5222 -j ACCEPT
 
Old 04-28-2011, 09:48 AM   #13
amartlk
Member
 
Registered: Sep 2010
Location: Nagpur India
Posts: 347

Original Poster
Rep: Reputation: 1
Added rule after restart of iptables service, fired netstat tlpn | grep 5222, still nothing shown, while netstat tlpn | grep 5222 on the app server shows the port listening, and still unable; problem not resolved.

AMar
 
Old 04-28-2011, 10:06 AM   #14
savona
Member
 
Registered: Mar 2011
Location: Bellmawr, NJ
Distribution: Red Hat / Fedora
Posts: 195

Rep: Reputation: 50
Quote:
Originally Posted by amartlk
Added rule after restart of iptables service, fired netstat tlpn | grep 5222, still nothing shown, while netstat tlpn | grep 5222 on the app server shows the port listening, and still unable; problem not resolved.

AMar

Did you SAVE the iptables config before restarting it?

Can you show me the output of the following command:

Code:
iptables -L -v
 
Old 04-29-2011, 01:32 AM   #15
amartlk
Member
 
Registered: Sep 2010
Location: Nagpur India
Posts: 347

Original Poster
Rep: Reputation: 1
pls find the output of iptables -L -v

Chain INPUT (policy ACCEPT 16824 packets, 1413K bytes)
 pkts bytes target  prot opt in    out   source    destination
23624 2301K LOG     all  --  eth0  any   anywhere  anywhere    LOG level debug prefix `BANDWIDTH_IN:'
 7357  975K ACCEPT  tcp  --  eth0  any   anywhere  anywhere    state NEW,RELATED,ESTABLISHED tcp dpt:squid
    0     0 ACCEPT  tcp  --  eth1  any   anywhere  anywhere    tcp spt:squid state RELATED,ESTABLISHED
11612   14M ACCEPT  tcp  --  eth1  any   anywhere  anywhere    state RELATED,ESTABLISHED tcp spt:http
    0     0 ACCEPT  tcp  --  eth1  any   anywhere  anywhere    tcp dpt:xmpp-client

Chain FORWARD (policy ACCEPT 2953 packets, 949K bytes)
 pkts bytes target  prot opt in    out   source    destination
 2953  949K LOG     all  --  any   eth0  anywhere  anywhere    LOG level debug prefix `BANDWIDTH_OUT:'
 2816  556K LOG     all  --  eth0  any   anywhere  anywhere    LOG level debug prefix `BANDWIDTH_IN:'
 2816  556K ACCEPT  all  --  eth0  any   anywhere  anywhere

Chain OUTPUT (policy ACCEPT 46818 packets, 50M bytes)
 pkts bytes target  prot opt in    out   source    destination
46266   50M LOG     all  --  any   eth0  anywhere  anywhere    LOG level debug prefix `BANDWIDTH_OUT:'
 9699 1155K ACCEPT  tcp  --  any   eth1  anywhere  anywhere    state NEW,RELATED,ESTABLISHED tcp dpt:http
    0     0 ACCEPT  tcp  --  any   eth0  anywhere  anywhere    state RELATED,ESTABLISHED tcp spt:http

AMar
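
Reading the listing in the post above for one port, as an added example that is not part of the thread: the functions report a chain's default policy and the packet counter of any rule matching the port. The names `sample_listing`, `port_report` and `verdict` are made up for this example, and the sample input is a trimmed copy of the INPUT and FORWARD lines from that listing.

```shell
#!/bin/sh
# Added example: what does an `iptables -L -v` listing say about one port?

# Sample input: INPUT and FORWARD lines from the listing posted above, trimmed.
sample_listing() {
cat <<'EOF'
Chain INPUT (policy ACCEPT 16824 packets, 1413K bytes)
pkts bytes target prot opt in out source destination
7357 975K ACCEPT tcp -- eth0 any anywhere anywhere state NEW,RELATED,ESTABLISHED tcp dpt:squid
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:xmpp-client

Chain FORWARD (policy ACCEPT 2953 packets, 949K bytes)
pkts bytes target prot opt in out source destination
2816 556K ACCEPT all -- eth0 any anywhere anywhere
EOF
}

# port_report CHAIN PORT [NAME]
# Reads a listing on stdin. Prints the chain policy, then one line per rule in
# that chain matching dpt:PORT or dpt:NAME (without -n, iptables -L prints the
# /etc/services name, e.g. xmpp-client for 5222).
port_report() {
    awk -v chain="$1" -v port="$2" -v name="${3:-$2}" '
        $1 == "Chain" {
            in_chain = ($2 == chain)
            if (in_chain) print "policy=" $4
            next
        }
        # Rule lines start with a packet counter such as 0, 7357 or 14M.
        in_chain && $1 ~ /^[0-9]+[KMG]?$/ {
            for (i = 10; i <= NF; i++)
                if ($i == "dpt:" port || $i == "dpt:" name)
                    print "rule target=" $3 " in=" $6 " pkts=" $1
        }
    '
}

# verdict CHAIN PORT [NAME]: one-word summary of port_report's output.
verdict() {
    report=$(port_report "$@")
    case "$report" in
        *"rule target=ACCEPT"*"pkts=0") echo "accept-rule-never-hit" ;;
        *"rule target=ACCEPT"*)         echo "accept-rule-hit" ;;
        *"policy=ACCEPT"*)              echo "no-rule-policy-accept" ;;
        *)                              echo "no-rule" ;;
    esac
}

sample_listing | verdict INPUT 5222 xmpp-client
```

On a live system the input would be `iptables -L -v | verdict INPUT 5222 xmpp-client`; a `pkts` value of 0 means no packet has matched that rule since its counters were last zeroed.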
 
  

