LinuxQuestions.org


bseehausen 02-26-2009 02:31 PM

New To Linux and Need Help
 
I have a Red Hat Enterprise Linux 5 server which will be used for Splunk. I need to back up this server using the CA BrightStor Arcserve backup agent for Linux. I need to open up TCP ports 6050 and 6051 on the firewall on the Linux server. I ran the following commands:

iptables -I INPUT -p TCP --dport 6050 -j ACCEPT
iptables -I INPUT -p TCP --dport 6051 -j ACCEPT

I restarted the server and I still cannot connect through the Arcserve agent. I also cannot see these entries in my iptables.

[root@USSECIS017 sysconfig]# cat iptables
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 514 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8000 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT

I need to keep this box as locked down as possible. Please advise and let me know if you need any additional information.

Thank you,

acid_kewpie 02-26-2009 02:50 PM

Well, that file is not your iptables, that's just a config script for the iptables service, which you've not changed. If you run "iptables -L" then that should show your actual ruleset including those changes. I'd recommend you actually try using the system-config-firewall tool, which is what directly modifies that script.

Good choice with Splunk btw, absolutely excellent product.

vikas027 02-26-2009 03:07 PM

Always remember, whenever you write a new rule for iptables, run these commands to make it apply immediately.

Code:

service iptables save; service iptables restart

There is no need to restart the server.

bseehausen 02-27-2009 06:45 AM

Thanks for your help
 
I received from Arcserve the entry to make in my iptables file, which worked. I found out that running the two commands that I posted didn't do anything because I did not save them, which is what VIKAS027 mentioned. Thanks again for the replies. I am sure I will need more help at some point and it's nice to know you are out there to assist. By the way, the entry that Arcserve gave me for my iptables is as follows:

go to
/etc/sysconfig
then
su root
vi iptables
add the following line putting the port number where it says to
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport port number -j ACCEPT
save and exit
restart the network service by typing
service iptables restart

Again this worked and I am able to backup the server.
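The edit described in the instructions above, as an added example that is not part of the thread or of Arcserve's documentation: a small POSIX sh script that writes the ACCEPT rule into a RHEL 5 style /etc/sysconfig/iptables file. It places the rule inside RH-Firewall-1-INPUT before the chain's final REJECT line, because a rule added after the REJECT is never reached. The sample ruleset is a constructed, shortened copy of the one posted above; the function names are this example's own.

```shell
#!/bin/sh
# Added example (not from the thread): insert an ACCEPT rule for a TCP port
# into a RHEL 5 style /etc/sysconfig/iptables file. The rule must sit inside
# RH-Firewall-1-INPUT *before* its terminal REJECT line. Run as root, then
# apply it with: service iptables restart
# SAMPLE_RULES is a constructed, shortened copy of the ruleset shown above.
SAMPLE_RULES="$(cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
)"

# open_tcp_port FILE PORT: add the rule for PORT to FILE (no-op if already there).
open_tcp_port() {
  file=$1; port=$2
  case $port in ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;; esac
  if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
    echo "port out of range: $port" >&2; return 1
  fi
  rule="-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport $port -j ACCEPT"
  grep -qxF -- "$rule" "$file" && return 0
  # Emit the new rule just before the chain's terminal REJECT; copy all other lines.
  awk -v rule="$rule" '
    /^-A RH-Firewall-1-INPUT -j REJECT/ && !done { print rule; done = 1 }
    { print }' "$file" > "$file.tmp" && mv "$file.tmp" "$file"
}

# Helpers for checking the result (FILE PORT / FILE): line number of the
# ACCEPT rule for PORT, and of the REJECT rule; empty if absent.
accept_line() { grep -n -- "--dport $2 -j ACCEPT" "$1" | cut -d: -f1 | head -n 1; }
reject_line() { grep -n -- "-j REJECT" "$1" | cut -d: -f1 | head -n 1; }
```

Running it a second time for the same port changes nothing, so it is safe to script for both 6050 and 6051.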

acid_kewpie 02-27-2009 09:17 AM

Well, yes, that's exactly what the system-config-firewall tool will do.
