Old 09-17-2013, 11:19 AM   #1
z01krh
Member
 
Registered: May 2009
Posts: 34

Rep: Reputation: 0
redhat firewall open port


I have used iptables and opened a port
vi /etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 1500 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 1505 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 1500 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 1505 -j ACCEPT

saved the file and did service iptables restart
However nmap and netstat are not showing the port open.
netstat -tanp | grep LISTEN

All the searching I have done has shown this is the way to do it.

Any ideas would be appreciated.
Thanks,

I am using Red Hat Enterprise Linux ES release 4 (Nahant Update 5)
 
Old 09-17-2013, 11:23 AM   #2
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 27,322

Rep: Reputation: 8089
Quote:
Originally Posted by z01krh
I have used iptables and opened a port
vi /etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 1500 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 1505 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 1500 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 1505 -j ACCEPT

saved the file and did service iptables restart However nmap and netstat are not showing the port open.
netstat -tanp | grep LISTEN

All the searching I have done has shown this is the way to do it. Any ideas would be appreciated.
There is a difference between allowing traffic on a port, and actually running a service that LISTENS on that port. You can open port 1500 all you'd like...but if there's no service actually present on that port, it won't show anything. What service did you configure to use port 1500? Have you verified it's running?
Quote:
I am using Red Hat Enterprise Linux ES release 4 (Nahant Update 5)
RHEL4 is VERY old...and, since you're using RHEL, have you contacted Red Hat support yet?? You are paying for RHEL, right???
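
The distinction made in this reply, as an added example that is not part of the original posts: the script compares the ACCEPT rules in a ruleset against the sockets that are actually bound, and lists ports the firewall allows but where no service is listening. The rule text reuses the thread's four rules plus an assumed port 22 rule, and the `netstat -tunl` output is constructed sample data.

```shell
#!/bin/sh
# Constructed excerpt in /etc/sysconfig/iptables format (thread's rules + assumed ssh rule).
RULES='-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 1500 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 1505 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 1500 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 1505 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT'

# Constructed `netstat -tunl` output: sshd, one daemon on tcp/1500, a DHCP client.
SOCKETS='Proto Recv-Q Send-Q Local Address   Foreign Address   State
tcp        0      0 0.0.0.0:22      0.0.0.0:*         LISTEN
tcp        0      0 0.0.0.0:1500    0.0.0.0:*         LISTEN
udp        0      0 0.0.0.0:68      0.0.0.0:*'

# Print "proto/port" for every ACCEPT rule that names a destination port.
allowed_ports() {
    printf '%s\n' "$1" | awk '
        /^-A/ && /-j ACCEPT/ {
            proto = ""; port = ""
            for (i = 1; i < NF; i++) {
                if ($i == "-p") proto = $(i + 1)
                if ($i == "--dport") port = $(i + 1)
            }
            if (proto != "" && port != "") print proto "/" port
        }' | sort -u
}

# Print "proto/port" for every bound socket: TCP must be in LISTEN, UDP has no state.
listening_ports() {
    printf '%s\n' "$1" | awk '
        $1 ~ /^(tcp|udp)/ {
            if ($1 ~ /^tcp/ && $6 != "LISTEN") next
            n = split($4, a, ":")            # port follows the last colon
            print substr($1, 1, 3) "/" a[n]  # tcp6/udp6 fold into tcp/udp
        }' | sort -u
}

# Ports the firewall accepts but nothing is bound to (exposure with no service behind it).
allowed_without_listener() {
    a=$(allowed_ports "$1"); l=$(listening_ports "$2")
    for p in $a; do
        printf '%s\n' "$l" | grep -qxF "$p" || echo "$p"
    done
}

allowed_without_listener "$RULES" "$SOCKETS"
```

On a live host, pass the contents of `/etc/sysconfig/iptables` and the output of `netstat -tunl` as the two arguments instead of the sample variables.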
 
Old 09-17-2013, 04:45 PM   #3
z01krh
Member
 
Registered: May 2009
Posts: 34

Original Poster
Rep: Reputation: 0
Can you provide any links how to set up a service to listen on a port?
I know it is old; it will be updated next year.

Thanks
 
Old 09-17-2013, 04:57 PM   #4
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 27,322

Rep: Reputation: 8089
Quote:
Originally Posted by z01krh
Can you provide any links how to set up a service to listen on a port?
No, that's like asking "How high is up??" Each service is configured differently...you have to decide what service you want to run, then read up on how to configure it.
Quote:
I know it is old; it will be updated next year
At which point it'll be even OLDER, and more unstable. If you're not paying for RHEL, then load CentOS...it's 99.x% identical, but FREE.
 
Old 09-18-2013, 01:39 PM   #5
z01krh
Member
 
Registered: May 2009
Posts: 34

Original Poster
Rep: Reputation: 0
The issue is budget and downtime. We are paying for RHEL. The problem is getting the new servers approved. Running the newest RHEL on an old hunk of junk would not make much more sense. Plus the upgrade of the 3rd party software requires 10 hours downtime on a 24x7 machine.
 
Old 09-18-2013, 02:33 PM   #6
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 27,322

Rep: Reputation: 8089
Quote:
Originally Posted by z01krh
The issue is budget and downtime. We are paying for RHEL. The problem is getting the new servers approved. Running the newest RHEL on an old hunk of junk would not make much more sense. Plus the upgrade of the 3rd party software requires 10 hours downtime on a 24x7 machine.
Sorry, but that doesn't make much sense to me, no matter how you look at it.

If the machine is that critical to your business, you should have it up to date with a backup system for it. If you DON'T have those things, then the server isn't critical at all, and 10 hours of downtime shouldn't matter...especially after hours.

If the server is critical, it should be trivial to purchase a new server (for about $1000 or less), and load the latest RHEL on it. Since you are paying for RHEL, your license can be migrated over at very little/no cost. Get the new 3rd party software up and running, migrate data, test it, and move forward. If the server/software is THAT critical, it's insane not to have a working backup server to fail over to, especially one that's running an old OS and (ostensibly) an old version of the 3rd party software.

And again, if you are paying for RHEL, you can call Red Hat support for questions about services.
 