LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   how to open UDP 161 port to allow only the SNMP monitoring server? (https://www.linuxquestions.org/questions/linux-networking-3/how-to-open-udp-161-port-to-allow-only-the-snmp-monitoring-server-4175544969/)

cebo_myeza 06-10-2015 02:11 AM
how to open UDP 161 port to allow only the SNMP monitoring server?
 
hi

i am working on a splunk project and i am using centos as my operating system, i just need help on how to allow only the SNMP monitoring server (SPLUNK) to connect to UDP 161 port in centos using CLI.And my monitoring host is 192.168.1.2/24

i have been using CLI command below but i am getting an error of bash: -A: command not found

-A INPUT -s 192.168.1.2/24 -p udp -m udp --sport 1024:65535 --dport 161 -m state --state NEW,ESTABLISHED -j ACCEPT

please help

roger_heslop 06-10-2015 03:47 AM
The rule that you've used looks like what you might see as a rule in /etc/sysconfig/iptables, but it's not a command. To apply that same rule, use the same syntax but starting with 'iptables'. For example:

Code:
iptables -A INPUT -s 192.168.1.2/24 -p udp -m udp --sport 1024:65535 --dport 161 -m state --state NEW,ESTABLISHED -j ACCEPT
That will change the running state of the firewall, but it's lost once restarted unless you save the configuration.

Code:
service iptables save

Habitual 06-11-2015 11:11 AM
Quote:
Originally Posted by cebo_myeza (Post 5374965)
Code:
-A INPUT -s 192.168.1.2/24 -p udp -m udp --sport 1024:65535 --dport 161 -m state --state NEW,ESTABLISHED -j ACCEPT
please help
Roger beat me to it :(
Go Roger, go!
Code:
iptables -A INPUT -s 192.168.1.2/24 -p udp -m udp --sport 1024:65535 --dport 161 -m state --state NEW,ESTABLISHED -j ACCEPT


All times are GMT -5. The time now is 11:23 AM.