I have a Red Hat Enterprise Linux 5 server which will be used for Splunk. I need to back up this server using CA BrightStor Arcserve backup agent for Linux. I need to open up TCP ports 6050 and 6051 on the firewall on the Linux server. I ran the following commands:
I restarted the server and I still cannot connect through arcserve agent. I also cannot see these entries in my iptables.
[root@USSECIS017 sysconfig]# cat iptables
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 126.96.36.199 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 514 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8000 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
I need to keep this box as locked down as possible. Please advise and let me know if you need any additional information.
Well, that file is not your iptables; that's just a config script for the iptables service, which you've not changed. If you run "iptables -L" then that should show your actual ruleset including those changes. I'd recommend you actually try using the system-config-firewall tool, which is what does directly modify that script.
Good choice with Splunk btw, absolutely excellent product.
I received from Arcserve the entry to make in my iptables file, which worked. I found out that running the two commands that I posted didn't do anything because I did not save them, which is what VIKAS027 mentioned. Thanks again for the replies. I am sure I will need more help at some point and it's nice to know you are out there to assist. By the way, the entry that Arcserve gave me for my iptables is as follows:
add the following line putting the port number where it says to
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport <port number> -j ACCEPT
save and exit
restart the network service by typing
service iptables restart
Again this worked and I am able to backup the server.
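An added check, not part of the original posts: it reads a rules file in the layout of /etc/sysconfig/iptables and reports whether an ACCEPT rule for a TCP port sits ahead of the chain's catch-all REJECT, because iptables evaluates rules in order and a line placed after that REJECT is never reached. The function name rule_status and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: is a TCP port's ACCEPT rule reachable in a saved rules file?
CHAIN="RH-Firewall-1-INPUT"

# rule_status FILE PORT -> prints reachable | shadowed | missing
rule_status() {
    awk -v chain="$CHAIN" -v port="$2" '
        $1 != "-A" || $2 != chain { next }      # only rules appended to the chain
        {
            tcp = 0; dport = ""; target = ""; narrowed = 0
            for (i = 3; i < NF; i++) {
                if ($i == "-p") { narrowed = 1; if ($(i+1) == "tcp") tcp = 1 }
                else if ($i ~ /^-[misdo]$/) narrowed = 1   # any other match option
                else if ($i == "--dport") dport = $(i+1)
                else if ($i == "-j") target = $(i+1)
            }
            if (target == "ACCEPT" && tcp && dport == port) {
                print (blocked ? "shadowed" : "reachable"); found = 1; exit
            }
            # A REJECT/DROP with no match options stops everything after it.
            if (!narrowed && (target == "REJECT" || target == "DROP")) blocked = 1
        }
        END { if (!found) print "missing" }
    ' "$1"
}

# Constructed sample: 6050 is placed correctly, 6051 was appended after the REJECT.
SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
cat > "$SAMPLE" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 6050 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 6051 -j ACCEPT
COMMIT
EOF

for p in 6050 6051 8000; do
    echo "tcp/$p: $(rule_status "$SAMPLE" "$p")"
done
```

The check only matches single-port --dport rules in the one chain named in CHAIN; port ranges and multiport matches are outside what it parses.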