LinuxQuestions.org
Old 10-23-2012, 12:10 AM   #1
anwar5006
LQ Newbie
 
Registered: Jan 2012
Posts: 20

Rep: Reputation: Disabled
Unable to open a port


I have installed the Oracle WebLogic Admin Server on machine 1 and a managed server on machine 2.

I need to open a port - 5556 on both machine 1 and machine 2.

I have added port no. 5556 to /etc/sysconfig/iptables using the command

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 5556 -j ACCEPT

but when I telnet to the IP and port no. from machine2 to machine1 or machine1 to machine2

I get the following output . .

Telnet from machine1 to machine 2 :-

[root@machine1 sysconfig]# telnet 20.42.15.184 5556
Trying 20.42.15.184...
telnet: connect to address 20.42.15.184: No route to host
telnet: Unable to connect to remote host: No route to host
[root@machine1 sysconfig]#

Telnet machine2 to machine1:-

[root@machine2 wmeadmin]# telnet 20.42.15.199 5556
Trying 20.42.15.199...
telnet: connect to address 20.42.15.199: Connection refused
telnet: Unable to connect to remote host: Connection refused
[root@machine2 wmeadmin]#

Kindly guide me . .
 
Old 10-23-2012, 12:30 AM   #2
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.8, Centos 5.10
Posts: 17,240

Rep: Reputation: 2324
Start with checking the firewalls
Code:
cat /etc/sysconfig/iptables
on both.
Did you restart iptables after adding that rule?
Also check /etc/hosts.allow, /etc/hosts.deny
 
Old 10-23-2012, 03:46 AM   #3
anwar5006
LQ Newbie
 
Registered: Jan 2012
Posts: 20

Original Poster
Rep: Reputation: Disabled
I am getting this output when I restart iptables on Machine1

[root@machine1 etc]# service iptables restart
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter [ OK ]
Unloading iptables modules: [ OK ]
Applying iptables firewall rules: iptables-restore: line 7 failed
[FAILED]
[root@machine1 etc]#

For Machine2 it is successful

[root@CSCWMEALD184V wmeadmin]# service iptables restart
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter [ OK ]
Unloading iptables modules: [ OK ]
Applying iptables firewall rules: [ OK ]
Loading additional iptables modules: ip_conntrack_netbios_n[ OK ]ntrack_ftp
[root@CSCWMEALD184V wmeadmin]#

[root@CSCWMEALD199V etc]# more hosts.allow
#
# hosts.allow This file describes the names of the hosts which are
# allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
#

[root@CSCWMEALD199V etc]# more hosts.deny
#
# hosts.deny This file describes the names of the hosts which are
# *not* allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
#
# The portmap line is redundant, but it is left to remind you that
# the new secure portmap uses hosts.deny and hosts.allow. In particular
# you should know that NFS uses portmap!

[root@CSCWMEALD199V etc]#
 
Old 10-23-2012, 05:49 AM   #4
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.8, Centos 5.10
Posts: 17,240

Rep: Reputation: 2324
Well obviously you need to fix machine 1 iptables
 
1 members found this post helpful.
Old 10-23-2012, 09:40 AM   #5
anwar5006
LQ Newbie
 
Registered: Jan 2012
Posts: 20

Original Poster
Rep: Reputation: Disabled
Can anyone tell me how to do it?
 
Old 10-23-2012, 10:23 AM   #6
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 17,926

Rep: Reputation: 3690
Quote:
Originally Posted by anwar5006
Can anyone tell me how to do it?
Well, you obviously KNOW how to modify iptables, since in your VERY FIRST POST you told us you modified the iptables rules, by editing "/etc/sysconfig/iptables".

Try doing that...and, since you got an error on line 7, pay particular attention to that line.
 
Old 10-24-2012, 06:14 AM   #7
anwar5006
LQ Newbie
 
Registered: Jan 2012
Posts: 20

Original Poster
Rep: Reputation: Disabled
Well . . I checked the port on machine 2, whether it is open or not.

I executed the command - nmap -P0 -T4 hostname -p 5556

[root@machine2 sysconfig]# nmap -P0 -T4 machine2 -p 5556

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2012-10-24 11:13 BST
Interesting ports on machuine2 (20.42.15.184):
PORT STATE SERVICE
5556/tcp open unknown

Nmap finished: 1 IP address (1 host up) scanned in 0.033 seconds
[root@machine2 sysconfig]#

I observed that Port is Open on machine2, but machine1 is unable to communicate to it . .
 
Old 10-24-2012, 06:15 AM   #8
anwar5006
LQ Newbie
 
Registered: Jan 2012
Posts: 20

Original Poster
Rep: Reputation: Disabled
Can any expert tell . . how can I make it communicate . . ?
 
Old 10-24-2012, 10:17 AM   #9
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 17,926

Rep: Reputation: 3690
Quote:
Originally Posted by anwar5006
Can any expert tell . . how can I make it communicate . . ?
Don't bump your own thread...and did you do as was suggested? That is, look in the file you made changes to (the one YOU mentioned), and pay attention to the line you posted the error about (line 7)?

Running nmap without doing ANYTHING to the iptables rules is fairly pointless. And have you completely gone through the installation documents, that walk you through the installation?
http://docs.oracle.com/cd/E23943_01/manage.htm
 
Old 10-25-2012, 05:25 AM   #10
anwar5006
LQ Newbie
 
Registered: Jan 2012
Posts: 20

Original Poster
Rep: Reputation: Disabled
I am not dumping the thread . .

The reason for executing nmap is to identify whether port 5556 is open or not. The iptables error message was thrown on machine 1 and I executed the nmap command on machine 2 - where I wanted to open the port. The nmap cmd is to identify whether the port is open or not.

Issue - I was unable to telnet machine2_ip port_no - from machine1.

Temporary solution :-

- we can turn off iptables = using the cmd service iptables stop


I know this is not a good practice to turn off iptables, but my goal was to communicate on the port between the two machines for Oracle WebLogic. I did.

Thanks guys for ur reply.
 
Old 10-25-2012, 10:22 AM   #11
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 17,926

Rep: Reputation: 3690
Quote:
Originally Posted by anwar5006
I am not dumping the thread . .
Yes, you did...and it's called "bumping". You posted ONE MINUTE after your other post, with no new information, and a further request for help.
Quote:
The reason for executing nmap is to identify whether port 5556 is open or not. The iptables error message was thrown on machine 1 and I executed the nmap command on machine 2 - where I wanted to open the port. The nmap cmd is to identify whether the port is open or not.

Issue - I was unable to telnet machine2_ip port_no - from machine1.

Temporary solution :-
- we can turn off iptables = using the cmd service iptables stop
I know this is not a good practice to turn off iptables, but my goal was to communicate on the port between the two machines for Oracle WebLogic. I did.
Thanks guys for ur reply.
Spell out your words. And yes, we realize why you did nmap, but until you modify the iptables rules (as you did in your very first post), you'll have a problem. Not sure why you could do it on one machine, but can't do it on another, but turning off iptables is an extreme solution.
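
The check the replies keep pointing at (read the rules file, and the failing line in particular), as an added example that is not part of the thread: a shell function that reads an iptables-save style file and flags an -A line naming a chain the file never declares, which makes iptables-restore stop at that line, and an ACCEPT placed below the chain's catch-all REJECT. The function name and the sample files are constructed for illustration; the thread never shows machine 1's file, so nothing here identifies its actual line 7.

```shell
# Added example: lint an iptables-save style rules file read from stdin.
# Usage: lint_rules PORT < rules-file ; prints findings, returns 1 if any.
lint_rules() {
  awk -v port="$1" '
    /^\*/ { split("", declared); split("", closed); next }  # new table
    /^:/  { declared[substr($1, 2)] = 1; next }             # chain declaration
    $1 != "-A" { next }
    {
      chain = $2
      if (!(chain in declared)) { printf "line %d: chain %s is not declared\n", NR, chain; bad = 1 }
      if ($0 ~ ("--dport " port "( |$)") && $0 ~ /-j ACCEPT/) {
        seen = 1
        if (chain in closed) {
          printf "line %d: ACCEPT for port %s is after the catch-all on line %d\n", NR, port, closed[chain]
          bad = 1
        }
      }
      # A rule with no match ("-A CHAIN -j REJECT" or DROP) closes the chain.
      if ($3 == "-j" && ($4 == "REJECT" || $4 == "DROP") && !(chain in closed))
        closed[chain] = NR
    }
    END {
      if (!seen) { printf "no ACCEPT rule for tcp port %s\n", port; bad = 1 }
      exit bad + 0
    }'
}
# Constructed samples; the thread never shows the real file from machine 1.
HEAD='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]'
RULE='-m state --state NEW -m tcp -p tcp --dport 5556 -j ACCEPT'
REJ='-j REJECT --reject-with icmp-host-prohibited'
# Rule pasted into a file that only uses the built-in INPUT chain.
NOCHAIN="$HEAD
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT $RULE
-A INPUT $REJ
COMMIT"
# Rule appended below the catch-all REJECT, so it is never reached.
LATE="$HEAD
-A INPUT -i lo -j ACCEPT
-A INPUT $REJ
-A INPUT $RULE
COMMIT"
printf '%s\n' "$NOCHAIN" | lint_rules 5556 || true
printf '%s\n' "$LATE" | lint_rules 5556 || true
```

On the real host it would be run as `lint_rules 5556 < /etc/sysconfig/iptables` before `service iptables restart`. The `icmp-host-prohibited` reject in the samples is what a client reports as "No route to host", while "Connection refused" normally means the packet got through and nothing was listening on the port.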
 
  

