LinuxQuestions.org


snooze1 01-20-2012 01:37 AM

opening ports
 
I am trying to open a UDP port on CentOS 5.7 with iptables.

For some reason "iptables -A INPUT -p udp --dport 7777 -j ACCEPT" isn't working.

Any suggestions?

aazkan 01-20-2012 03:17 AM

Hi

CentOSes up to CentOS 6 use the RH-Firewall-1-INPUT chain. It goes like this

Code:

-A RH-Firewall-1-INPUT -p udp -m udp --dport 7777 -j ACCEPT
If you have a service or daemon already running on udp port 7777 try connecting to it with nmap or nc like so

Code:

nmap -nv -sU -p 7777 localhost
or

Code:

nc -nvvv -u localhost 7777
Hope this helps.
Regards,

snooze1 01-20-2012 04:32 AM

Quote:

Originally Posted by aazkan (Post 4579597)
Hi

CentOSes up to CentOS 6 use the RH-Firewall-1-INPUT chain. It goes like this

Code:

-A RH-Firewall-1-INPUT -p udp -m udp --dport 7777 -j ACCEPT
If you have a service or daemon already running on udp port 7777 try connecting to it with nmap or nc like so

Code:

nmap -nv -sU -p 7777 localhost
or

Code:

nc -nvvv -u localhost 7777
Hope this helps.
Regards,

And do I add that in /etc/sysconfig/iptables?

aazkan 01-20-2012 05:35 AM

Yes. Edit /etc/sysconfig/iptables

or if you're CLI driven (who isn't), as root, type

Code:

iptables -I RH-Firewall-1-INPUT -p --dport 7777 -j ACCEPT
review it like so

Code:

iptables -L -nv |grep 7777
The nmap or nc test can be used as well.

snooze1 01-20-2012 05:44 AM

Quote:

Originally Posted by aazkan (Post 4579668)
Yes. Edit /etc/sysconfig/iptables

or if you're CLI driven (who isn't), as root, type

Code:

iptables -I RH-Firewall-1-INPUT -p --dport 7777 -j ACCEPT
review it like so

Code:

iptables -L -nv |grep 7777
The nmap or nc test can be used as well.

Somehow the port is opened now and I can see the server running fine, but when I try and do it with another server running on 9948 UDP adding "-A RH-Firewall-1-INPUT -p udp -m udp --dport 9948 -j ACCEPT" to the file doesn't work.

Also,

Code:

# iptables -I RH-Firewall-1-INPUT -p --dport 9948 -j ACCEPT
iptables v1.3.5: unknown protocol `--dport' specified
Try `iptables -h' or 'iptables --help' for more information.


aazkan 01-20-2012 06:06 AM

From your iptables output/example, you're missing

-p udp

Give it another try?

snooze1 01-20-2012 07:01 AM

Quote:

Originally Posted by aazkan (Post 4579685)
From your iptables output/example, you're missing

-p udp

Give it another try?

First of all, derp..

Code:

#  iptables -I RH-Firewall-1-INPUT -p udp --dport 9948 -j ACCEPT
iptables: No chain/target/match by that name


aazkan 01-20-2012 07:21 PM

Then it means there is no such chain. Have a look in your iptables: what chains does it use?
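
One way to run the check suggested above, as an added example that is not part of the original posts: read a ruleset in iptables-save format (the format of /etc/sysconfig/iptables), see whether RH-Firewall-1-INPUT is declared, and build the insert command for whichever chain exists. The function names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in iptables-save format, modelled on a stock CentOS 5
# ruleset (an assumption; the thread never shows the poster's rules).
# INPUT jumps to RH-Firewall-1-INPUT, which ends in REJECT, so a rule
# appended to INPUT after the jump is never reached.
sample_ruleset() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 7777 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# chain_exists CHAIN: ruleset on stdin; succeeds if CHAIN is declared (":CHAIN ...").
chain_exists() {
    grep -q "^:$1 "
}

# pick_chain: ruleset on stdin; prints the chain a new ACCEPT rule belongs in.
pick_chain() {
    if chain_exists RH-Firewall-1-INPUT; then
        echo RH-Firewall-1-INPUT
    else
        echo INPUT
    fi
}

# port_allowed CHAIN PROTO PORT: ruleset on stdin; succeeds if CHAIN already
# has an ACCEPT rule for that protocol and destination port.
port_allowed() {
    grep -Eq -- "^-A $1 .*-p $2 .*--dport $3 .*-j ACCEPT"
}

# build_rule PROTO PORT: ruleset on stdin; prints the command to run as root.
# -I inserts at the top of the chain, ahead of any final REJECT rule.
build_rule() {
    chain=$(pick_chain) || return 1
    echo "iptables -I $chain -p $1 -m $1 --dport $2 -j ACCEPT"
}

# Demo on the constructed sample; on a live system pipe in `iptables-save` instead.
sample_ruleset | build_rule udp 9948
```
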

aazkan 01-25-2012 06:23 PM

Hi snooze1,

Thought I'd check up with you if you figured out your iptables problem?

Regards,


All times are GMT -5.