question about udp ports
I've set up an rc.firewall script using iptables and gotten it all the way I want it (which is almost all closed off). I've got a server running sshd, sendmail and imapd, and I drop all incoming ports except those three like this:
Code:
iptables -P INPUT DROP
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 25 -j ACCEPT
iptables -A INPUT -p tcp --dport 143 -j ACCEPT

and that works well. I've tested sending and receiving email on my LAN and it's good. So my question is: do I need to open UDP ports for anything? What are they for? Are there important features of sendmail or imapd that I'm breaking?
UDP is just another protocol that sits on top of IP. It is similar to TCP in that it uses ports to allow multiple processes to use the network interface of one machine (ssh sits on tcp port 22, smtp on tcp port 25, and so on). The major difference between UDP and TCP is the fact that TCP is 'connection oriented' and UDP is 'connectionless'.
If you run
Code:
netstat -anp

HTH
Dylan
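The suggestion above, carried through as an added example (this is not the original poster's rc.firewall and not Dylan's code): instead of reading /etc/services, derive the INPUT rules from the sockets that are actually listening, which is what `netstat -anp` shows. sshd, sendmail and imapd are TCP-only listeners, so no UDP port needs to be opened for them, but the posted rule set also has no loopback rule and no conntrack rule, so replies to connections the server itself starts (including UDP DNS answers to sendmail's own lookups) are dropped by the `INPUT DROP` policy. The netstat text below is a constructed sample standing in for real output, and the `EXPOSED` list assumes the three daemons from the question.

```shell
#!/bin/sh
# Added example, not the original poster's rc.firewall. Builds the INPUT rules
# from the sockets that are actually listening (what `netstat -anp` shows)
# instead of from /etc/services, and adds the two rules the posted set lacks:
# loopback and conntrack replies. SAMPLE_NETSTAT is constructed sample output.

SAMPLE_NETSTAT='Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/sshd
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      901/sendmail
tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN      955/imapd
tcp        0      0 192.168.1.10:22         192.168.1.20:51234      ESTABLISHED 1201/sshd
udp        0      0 0.0.0.0:514             0.0.0.0:*                           702/syslogd'

# Listeners that are meant to be reachable from the network (assumption: the
# three daemons from the question). Anything else that is listening stays closed.
EXPOSED='tcp 22
tcp 25
tcp 143'

# Print "proto port" for each listening socket. A TCP socket is listening only
# in state LISTEN; UDP is connectionless, so netstat prints no state for it and
# every bound UDP socket counts as a listener.
listening_ports() {
    printf '%s\n' "$SAMPLE_NETSTAT" | awk '
        $1 == "tcp" && $6 == "LISTEN" { sub(/.*:/, "", $4); print "tcp", $4 }
        $1 == "udp"                   { sub(/.*:/, "", $4); print "udp", $4 }'
}

# Emit the iptables commands (printed rather than executed, so the rule set can
# be reviewed before it touches a live firewall).
emit_rules() {
    echo 'iptables -P INPUT DROP'
    echo 'iptables -F INPUT'
    # Local daemons talking to each other over 127.0.0.1 (e.g. a MUA to imapd).
    echo 'iptables -A INPUT -i lo -j ACCEPT'
    # Replies to traffic this host started: this is what lets UDP DNS answers
    # to sendmail's own lookups back in without opening any UDP port.
    echo 'iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT'
    listening_ports | while read -r proto port; do
        if printf '%s\n' "$EXPOSED" | grep -qx "$proto $port"; then
            echo "iptables -A INPUT -p $proto --dport $port -m state --state NEW -j ACCEPT"
        else
            # Listening but not meant to be public (here: syslogd on udp/514).
            echo "# $proto/$port is listening but not in EXPOSED; left closed" >&2
        fi
    done
}

emit_rules
```

To use it on the real box, replace `SAMPLE_NETSTAT` with the output of `netstat -anp` (or `ss -lnptu` on newer systems) and turn the `echo` lines into real calls once the printed set looks right. The stateful rule is the practical answer to the UDP question: the three daemons only ever accept TCP, so nothing UDP is opened inbound, while the server's own outgoing queries still get their replies. Without it, a bare `-P INPUT DROP` plus the three `--dport` rules will still deliver mail on the LAN but can fail to resolve outside MX records. On iptables builds where `-m state` is gone, the equivalent match is `-m conntrack --ctstate ESTABLISHED,RELATED`.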
Thanks, that helps clear things up a little. I'm just curious whether I need to open any UDP ports. Right now they're all closed down, even though in /etc/services ssh, smtp, and imap are all listed as both tcp and udp. With only the tcp ports open I don't seem to be having any trouble though, and I'm sure I'm safer. My question is: do ssh, smtp and imap actually need udp for anything? Or is /etc/services just wrong?
Personally, I would search the project sites for more information for each of the servers that you are using, or take a look through the help pages for your distro. If there is nothing to indicate that these udp ports should be open then I would leave them alone.
/etc/services lists the commonly used ports for a particular service, and I believe it is used by certain processes as a look up, and indicates that these processes can use udp if tcp is not available/desired by the process.
HTH
Dylan