LinuxQuestions.org
Old 08-18-2009, 06:52 AM   #16
prayag_pjs
Senior Member
 
Registered: Feb 2008
Location: Pune - India
Distribution: Fedora,RedHat,CentOS,Gentoo
Posts: 1,145
Blog Entries: 4

Rep: Reputation: 147

Very well spotted by centosboy... delete that drop rule... you will have a running server.
 
Old 08-19-2009, 03:22 AM   #17
NeillH
LQ Newbie
 
Registered: Aug 2009
Location: England-Bedfordshire
Posts: 17

Original Poster
Rep: Reputation: 0
Thanks centosboy, this makes sense now. I am just having a problem with the syntax for getting line numbers; I tried the following:

#iptables --line-numbers (not recognised)

Then I tried to insert a rule with a line number to see where it appears:

#iptables -I INPUT 5 -p tcp --dport 10000 -j accept (hoping it would insert as rule 5, then I could work out line numbers). This also resulted in unrecognised commands.

Told you I was newbie :-)

Neillh
 
Old 08-19-2009, 08:42 AM   #18
NeillH
LQ Newbie
 
Registered: Aug 2009
Location: England-Bedfordshire
Posts: 17

Original Poster
Rep: Reputation: 0
Hi Centosboy, starting to make sense. I have made the changes now, but the port checker is still telling me the port is closed. Any ideas?

[root@localhost ~]# iptables -nL -v --line-numbers
Chain INPUT (policy DROP 26 packets, 1076 bytes)
num pkts bytes target prot opt in out source destination
1 4846 5266K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
2 15M 2288M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
3 713K 43M ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 state NEW
4 62677 3219K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 state NEW
5 113 6220 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 state NEW
6 1844K 116M ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53 state NEW
7 267 10744 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 state NEW
8 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:69 state NEW
9 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:69 state NEW
10 1129 57132 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 state NEW
11 72 3600 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:110 state NEW
12 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:123 state NEW
13 12 480 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:20 state NEW
14 18365 1081K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 state NEW
15 7029 336K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3306 state NEW
16 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:3306 state NEW
17 153 8504 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:5555 state NEW
18 5 240 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8002 state NEW
19 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:9001 state NEW
20 24 1440 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:10000

Chain FORWARD (policy DROP 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 1075 packets, 103K bytes)
num pkts bytes target prot opt in out source destination
1 4846 5266K ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
2 19M 4835M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED

Chain RH-Firewall-1-INPUT (0 references)
num pkts bytes target prot opt in out source destination


Neill
 
Old 08-19-2009, 06:35 PM   #19
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.9, Centos 7.3
Posts: 17,374

Rep: Reputation: 2383
Have you read that link in my post #11? See also 27.1.16 http://www.linuxtopia.org/online_boo...onfig-iptables.
The easiest way is to save a copy of that file, then edit it directly. Post your file here, it's easier to read than the output of iptables cmd.
 
Old 08-20-2009, 02:49 AM   #20
centosboy
Senior Member
 
Registered: May 2009
Location: london
Distribution: centos5
Posts: 1,137

Rep: Reputation: 116
Quote:
Originally Posted by chrism01
Have you read that link in my post #11? See also 27.1.16 http://www.linuxtopia.org/online_boo...onfig-iptables.
The easiest way is to save a copy of that file, then edit it directly. Post your file here, it's easier to read than the output of iptables cmd.

chrism is absolutely right.
If the running iptables configuration is saved to /etc/sysconfig/iptables, it can be as simple as editing this file and restarting iptables, although it isn't recommended unless you know what you are doing.
With regards to deleting the DROP chain - never do that, just make sure it is always the very last rule on any chain.
 
Old 08-20-2009, 02:51 AM   #21
centosboy
Senior Member
 
Registered: May 2009
Location: london
Distribution: centos5
Posts: 1,137

Rep: Reputation: 116
Quote:
Originally Posted by NeillH
Thanks centosboy, this makes sense now. I am just having a problem with the syntax for getting line numbers; I tried the following:

#iptables --line-numbers (not recognised)

Then I tried to insert a rule with a line number to see where it appears:

#iptables -I INPUT 5 -p tcp --dport 10000 -j accept (hoping it would insert as rule 5, then I could work out line numbers). This also resulted in unrecognised commands.

Told you I was newbie :-)

Neillh

OK, sorry.
It should be this:

Code:
iptables -L INPUT --line-numbers
 
Old 08-20-2009, 04:13 PM   #22
NeillH
LQ Newbie
 
Registered: Aug 2009
Location: England-Bedfordshire
Posts: 17

Original Poster
Rep: Reputation: 0
Thanks all

I had a look at saving the iptables as suggested but it is probably beyond my limited competency. But I think iptables has now been configured correctly as per suggestions, although I will add a drop line when port 10000 is open. The port is still not open; is there anything obvious I am missing?

NeillH
 
Old 08-20-2009, 04:52 PM   #23
centosboy
Senior Member
 
Registered: May 2009
Location: london
Distribution: centos5
Posts: 1,137

Rep: Reputation: 116
Quote:
Originally Posted by NeillH
Thanks all

I had a look at saving the iptables as suggested but it is probably beyond my limited competency. But I think iptables has now been configured correctly as per suggestions, although I will add a drop line when port 10000 is open. The port is still not open; is there anything obvious I am missing?

NeillH

It looks like it according to your iptables rules. Packet and byte counts are increasing for port 10000.

Code:
20 24 1440 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:10000

See if the port is listening:

Code:
netstat -ptna | grep 10000
 
Old 08-21-2009, 03:53 AM   #24
NeillH
LQ Newbie
 
Registered: Aug 2009
Location: England-Bedfordshire
Posts: 17

Original Poster
Rep: Reputation: 0
Thanks centosboy, no reply from your command line, so I guess port is not listening. Is this easy to configure to listen?

NeillH
 
Old 08-21-2009, 04:24 AM   #25
linuxlover.chaitanya
Senior Member
 
Registered: Apr 2008
Location: Nagpur, India
Distribution: Cent OS 5/6, Ubuntu Server 10.04
Posts: 4,629

Rep: Reputation: Disabled
Can you confirm if webmin is running?

chkconfig --list | grep webmin

service webmin status
 
Old 08-21-2009, 05:13 AM   #26
centosboy
Senior Member
 
Registered: May 2009
Location: london
Distribution: centos5
Posts: 1,137

Rep: Reputation: 116
Quote:
Originally Posted by linuxlover.chaitanya
Can you confirm if webmin is running?

chkconfig --list | grep webmin

service webmin status

And if it isn't, start it:

Code:
service webmin start
 
Old 08-21-2009, 05:41 AM   #27
linuxlover.chaitanya
Senior Member
 
Registered: Apr 2008
Location: Nagpur, India
Distribution: Cent OS 5/6, Ubuntu Server 10.04
Posts: 4,629

Rep: Reputation: Disabled
Quote:
Originally Posted by centosboy
and if it isn't - start it

Code:
service webmin start

Exactly... Sorry for not being explicit.
 
Old 08-22-2009, 01:03 AM   #28
NeillH
LQ Newbie
 
Registered: Aug 2009
Location: England-Bedfordshire
Posts: 17

Original Poster
Rep: Reputation: 0
mmm no luck,


[root@localhost ~]# chkconfig --list | grep webmin
[root@localhost ~]# service webmin status
webmin: unrecognized service
[root@localhost ~]# service webmin start
webmin: unrecognized service

Does this mean webmin needs installing? I believed it was installed by default.

NeillH
 
Old 08-22-2009, 01:18 AM   #29
linuxlover.chaitanya
Senior Member
 
Registered: Apr 2008
Location: Nagpur, India
Distribution: Cent OS 5/6, Ubuntu Server 10.04
Posts: 4,629

Rep: Reputation: Disabled
Now there it goes. You obviously need to install it.

yum install webmin
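
The checks this thread worked through (rule order in the INPUT chain, then whether anything is listening), as an added example that is not part of any post above. It reads saved `iptables -nL -v --line-numbers` and `netstat -ptna` output; the function names and the socket line are constructed for illustration, and rules restricted by address, `dpts:` or `multiport` are deliberately skipped rather than evaluated.

```bash
# Added example, not from the thread: why does a TCP port look closed?

# first_verdict PORT < output of `iptables -nL -v --line-numbers`
# First match wins: print target and number of the first INPUT rule matching
# a new external TCP connection to PORT, else the chain policy.
# Simplification: rules limited by address, dpts: or multiport are skipped.
first_verdict() {
    awk -v port="$1" '
        /^Chain / { in_chain = ($2 == "INPUT"); if (in_chain) policy = $4
                    sub(/\)/, "", policy); next }
        !in_chain || $1 !~ /^[0-9]+$/ { next }
        {
            if ($5 != "tcp" && $5 != "all") next
            if ($7 == "lo") next                     # loopback-only rule
            if ($9 != "0.0.0.0/0" || $10 != "0.0.0.0/0") next
            rest = " "
            for (i = 11; i <= NF; i++) rest = rest $i " "
            if (rest ~ /dpts:|multiport/) next
            if (rest ~ /dpt:/ && rest !~ ("dpt:" port " ")) next
            if (rest ~ /state / && rest !~ /NEW/) next
            print $4 " rule " $1; found = 1; exit
        }
        END { if (!found) print policy " policy" }'
}

# is_listening PORT < output of `netstat -ptna`; exit status 0 if a listener exists
is_listening() {
    awk -v port="$1" '$1 ~ /^tcp/ && $6 == "LISTEN" && $4 ~ (":" port "$") { ok = 1 }
                      END { exit !ok }'
}

# diagnose PORT RULES_TEXT SOCKETS_TEXT: firewall first, then the listener
diagnose() {
    verdict=$(printf '%s\n' "$2" | first_verdict "$1")
    case "$verdict" in ACCEPT*) ;; *) echo "firewall: $verdict"; return 0 ;; esac
    if printf '%s\n' "$3" | is_listening "$1"; then
        echo "open: $verdict and a listener is bound"
    else
        echo "no listener: $verdict, but nothing is bound to tcp/$1"
    fi
}

# Rules abridged from the listing in post #18; the socket line is constructed.
RULES='Chain INPUT (policy DROP 26 packets, 1076 bytes)
1 4846 5266K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
2 15M 2288M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
20 24 1440 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:10000'
SOCKETS='tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 2101/sshd'
diagnose 10000 "$RULES" "$SOCKETS"
```

On a live host, pass `"$(iptables -nL -v --line-numbers)"` and `"$(netstat -ptna)"` as the second and third arguments instead of the sample text.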
 
  

