HI,

I would like to know how to open a UDP port in Linux. Basically i installed Sebek. I want it to be hooked up to port 1101.

Any response appreciated.

Thanks

you open a port by using it. there's no such thing as being just "opened" outright. you can explicitly deny access with a firewall if you have one, but if not there's nothing in the way of doing what you want.

ok...In that cse, i installed Sebek and configured the source port to be UDP port 1101.

But i could not really see any sebek data.

So i checked it by runnning nmap and scanned for UDP open ports. I did not find UDP port 1101 in the resuls given by nmap.And this could be the reason why sebek is not logging anything.

I dont know why this nmpa doesnt show 1101 as open port.

Any idea?

Thanks

On the machine running your software, try
to list all listening udp sockets. If yours is listed there, then there is something else preventing others from sending to it. Take a look at your iptables rules (if you have any configured). If those look sane, are you behind any external firewall device? If so, make sure that it is not dropping those packets.

maybe posting your distro and version someone may be familiar with it to tell you where to edit to open a port in your iptables firewall config file. that is if there is a firewall running on the machine. As root one maybe able to tell from this command as root.
/sbin/iptables -L

Brian

ok...i tried doing netstat -lu.

It doesnt have 1101 opened. I'm sure i have installed sebek.
Dont know why this port is closed


Any suggestions?

Perhaps the netstat output is correct, but it’s listed as the service name instead of a numerical port. In this case, it might say pt2-discover. I should have mentioned this earlier, but if you want to force numerical port numbers, give the -n flag. If you want to see processes owning the sockets, use the -p flag (may require root privileges). If you want to see both listening and sending sockets, use the -a flag. Altogether, that’s:
Also, are you sure that sebek is running (in addition to being installed)? What is the output of:
(assuming the executable is running as sebek).

Doing a sudo lsof -c sebek did not give any output. Does that mean sebek is not installed?

I'm using Red hat Enterprise 5 and kernels 2.6.18.

Kindly advice -

Now knowing the distro in question and if you used default RHEL 5 install options then the firewall iptables daemon script is enabled. You need to edit /etc/sysconfig/iptables and place this line somewhere in the middle. Then restart iptables daemon as root use this command.
/sbin/service iptables restart

Now check for open port

Brian

Sorry forgot to mention this earlier ...i used deafult rhel5 and then later disabled the firewall.

That's okay, because the firewall only controls access to a port, it has no part to play when it comes to "opening" it. As already mentioned by acid_kewpie, you need to have something use the port in order for it to be open. At this point, I suggest you use the netstat advice you've received in order to make sure your service is listening properly.

If you have disabled the iptables firewall then I don't think that is your problem.
Is selinux enabled? If so I would disable to see if that works if no firewall is running.

Brian

selinux is disabled. No luck

What does the output of ' /sbin/iptables -L ' say?

Brian

Output of sbin/iptables -L

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination