LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 10-02-2015, 06:19 PM   #1
Raakh5
Member
 
Registered: Mar 2012
Posts: 169

Rep: Reputation: Disabled
Port is not opened in CentOS


Hello,

I am trying to open port 1695 but its not working. I just added into iptables and trying to access.
Code:
# iptables -L -n
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW,RELATED,ESTABLISHED tcp dpt:1695 
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW,RELATED,ESTABLISHED udp dpt:1695 

# netstat -nap | grep :1695

telnet servername 1695
Trying ipAddress...
telnet: connect to address ipAddress: Connection refused
#
Is anything else I have to do?

Best regards
 
Old 10-02-2015, 06:36 PM   #2
keirvt
Member
 
Registered: Sep 2006
Location: Sydney Australia
Distribution: fedora/Ubuntu
Posts: 123

Rep: Reputation: 17
IPtables

Make sure it is an IPtables problem.
First turn them off

Code:
service iptables stop
and try to make the telnet connection.
If the connection works modify IPtables with

Code:
sudo iptables -A INPUT -p tcp --dport 1695 -j ACCEPT
After setting the iptables as you like remember tosave.
 
Old 10-02-2015, 07:03 PM   #3
Habitual
LQ 5k Club
 
Registered: Jan 2011
Location: Nowhere near you, thank God.
Distribution: OSX Sierra
Posts: 8,576
Blog Entries: 15

Rep: Reputation: Disabled
Start a service that opens port 1695?
 
Old 10-02-2015, 08:01 PM   #4
Doug G
Member
 
Registered: Jul 2013
Posts: 749

Rep: Reputation: Disabled
Also if it's centos7 check firewalld
 
Old 10-03-2015, 12:25 AM   #5
Raakh5
Member
 
Registered: Mar 2012
Posts: 169

Original Poster
Rep: Reputation: Disabled
Code:
]# iptables -A INPUT -p tcp --dport 1695 -j ACCEPT
# service iptables start

# service iptables status
Table: mangle
Chain PREROUTING (policy ACCEPT)
num  target     prot opt source               destination         

Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination         

Chain POSTROUTING (policy ACCEPT)
num  target     prot opt source               destination         

Table: nat
Chain PREROUTING (policy ACCEPT)
num  target     prot opt source               destination         

Chain POSTROUTING (policy ACCEPT)
num  target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination         

Table: filter
Chain INPUT (policy DROP)
num  target     prot opt source               destination         
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
2    REJECT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp flags:!0x17/0x02 state NEW reject-with tcp-reset 
3    DROP       all  --  0.0.0.0/0            0.0.0.0/0           state INVALID 
4    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
5    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:12443 
6    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:11443 
7    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:11444 
8    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:8447 
9    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:8443 
10   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:8880 
11   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:80 
12   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:443 
13   DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:21 
14   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:22 
15   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:587 
16   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:25 
17   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:465 
18   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:110 
19   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:995 
20   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:143 
21   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:993 
22   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:106 
23   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:3306 
24   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:5432 
25   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:9008 
26   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:9080 
27   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:137 
28   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:138 
29   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:139 
30   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:445 
31   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:1194 
32   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:53 
33   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:53 
34   ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 8 code 0 
35   ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
36   DROP       all  --  183.238.167.108      0.0.0.0/0           
37   DROP       all  --  64.196.58.64         0.0.0.0/0           
38   DROP       all  --  116.55.19.208        0.0.0.0/0           
39   DROP       all  --  193.140.215.133      0.0.0.0/0           
40   DROP       all  --  37.9.170.47          0.0.0.0/0           
41   DROP       all  --  109.102.215.227      0.0.0.0/0           
42   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW,RELATED,ESTABLISHED tcp dpt:1695 
43   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW,RELATED,ESTABLISHED udp dpt:1695 

Chain FORWARD (policy DROP)
num  target     prot opt source               destination         
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
2    REJECT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp flags:!0x17/0x02 state NEW reject-with tcp-reset 
3    DROP       all  --  0.0.0.0/0            0.0.0.0/0           state INVALID 
4    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
5    DROP       all  --  0.0.0.0/0            0.0.0.0/0           

Chain OUTPUT (policy DROP)
num  target     prot opt source               destination         
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
2    REJECT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp flags:!0x17/0x02 state NEW reject-with tcp-reset 
3    DROP       all  --  0.0.0.0/0            0.0.0.0/0           state INVALID 
4    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
5    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
then I did
Code:
# telnet serverName.com 1695
Trying 159.253.140.155...
telnet: connect to address 159.253.140.155: Connection refused
[root@serverName ~]# netstat -nap | grep :1695
[root@serverName ~]# service iptables stop
iptables: Setting chains to policy ACCEPT: mangle nat filte[  OK  ]
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Unloading modules:                               [  OK  ]
[root@serverName ~]# iptables -A INPUT -p tcp --dport 1695 -j ACCEPT
[root@serverName ~]# iptables save
Bad argument `save'
Try `iptables -h' or 'iptables --help' for more information.
[root@serverName ~]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]
[root@serverName ~]# service iptables start
iptables: Applying firewall rules:                         [  OK  ]
Now when I ran service iptables statsus then following appears:
Code:
[root@serverName ~]# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination         
1    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:1695 

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination         

[root@serverName ~]# cat /etc/sysconfig/iptables
# Generated by iptables-save v1.4.7 on Fri Oct  2 23:15:22 2015
*filter
:INPUT ACCEPT [370:64924]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [349:64819]
-A INPUT -p tcp -m tcp --dport 1695 -j ACCEPT 
COMMIT
# Completed on Fri Oct  2 23:15:22 2015
[root@serverName ~]#
why my iptables file overwritten and still not port 1695 working

Please advise
 
Old 10-03-2015, 02:34 PM   #6
Raakh5
Member
 
Registered: Mar 2012
Posts: 169

Original Poster
Rep: Reputation: Disabled
Please help me as my iptables rules overwritten by wrong advise. How can I rollback my iptables file?
 
Old 10-03-2015, 02:53 PM   #7
michaelk
Moderator
 
Registered: Aug 2002
Posts: 16,350

Rep: Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908
As asked previously is there a service running on port 1695?

The IANA registered service is rrilwm but not sure what that is and a quick google comes up empty.
 
Old 10-03-2015, 02:56 PM   #8
Raakh5
Member
 
Registered: Mar 2012
Posts: 169

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by michaelk View Post
As asked previously is there a service running on port 1695?
not at all. I stated I want now to create this port and want it to run one service on it

Quote:
Originally Posted by michaelk View Post
The IANA registered service is rrilwm but not sure what that is and a quick google comes up empty.
I not understand it?? please be more specific
 
Old 10-03-2015, 03:02 PM   #9
michaelk
Moderator
 
Registered: Aug 2002
Posts: 16,350

Rep: Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908
Neither netstat or telnet will respond if a service is not listening to port 1695 regardless of the firewall setting. The first thing is to create the service, test it locally i.e. on the same server and then through the firewall.
 
Old 10-03-2015, 03:04 PM   #10
Raakh5
Member
 
Registered: Mar 2012
Posts: 169

Original Poster
Rep: Reputation: Disabled
Right now the problem is not service or port but I implemented wrong advice and my iptables overwritten. Everything deleted from this file. How can I revert it back?
 
Old 10-03-2015, 03:20 PM   #11
michaelk
Moderator
 
Registered: Aug 2002
Posts: 16,350

Rep: Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908
If you used the service iptables-save command then the old version is saved in /etc/sysconfig/iptables.old. If you rename iptables.old to iptables and restart then it should be back.

Last edited by michaelk; 10-03-2015 at 03:36 PM.
 
Old 10-03-2015, 03:26 PM   #12
Raakh5
Member
 
Registered: Mar 2012
Posts: 169

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by michaelk View Post
Without knowing what distribution or how you overwrote your iptables I can not say how of if it is possible to revert back.

If running CentOS and you used the service iptables-save command then the old version is saved in /etc/sysconfig/iptables.old. If you rename iptables.old to iptables and restart then it should be back.
There is not iptables.old file. I used the commands as stated in my reply #5 timestamp Yesterday, 11:25 PM
 
Old 10-03-2015, 03:56 PM   #13
michaelk
Moderator
 
Registered: Aug 2002
Posts: 16,350

Rep: Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908
Sorry, I did not read all of the posts carefully enough. Never mind, the iptables.old is a backup created by the system-config-firewall utility. The original rules are lost.
 
Old 10-03-2015, 04:00 PM   #14
Raakh5
Member
 
Registered: Mar 2012
Posts: 169

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by michaelk View Post
Sorry, I did not read all of the posts carefully enough. Never mind, the iptables.old is a backup created by the system-config-firewall utility. The original rules are lost.
What should I do now as there were lot of rules in my iptables?
 
Old 10-03-2015, 04:06 PM   #15
michaelk
Moderator
 
Registered: Aug 2002
Posts: 16,350

Rep: Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908Reputation: 1908
How were they originally created?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Check which port is opened malickhat Linux - Newbie 5 05-11-2010 04:17 AM
how to identify the status of serial port ("Port Already Opened") from a C program rajmohan_tricom Linux - Software 3 02-07-2010 11:27 PM
should port 6000 be opened? hottdogg Slackware 9 06-01-2007 02:05 PM
Strange port opened ivanatora Linux - Security 4 11-11-2003 11:57 AM
how is a tcp port opened? Kayaker Linux - Security 7 05-12-2003 01:47 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 01:45 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration