Questions about open ports on RH Linux server
I am running RHAS 4.0 with the firewall disabled. My question is, if I have an application that is required to use a certain port for the listener, would I have to open that port, or will the port be opened and listened on as I run the application? I can specify which port to use within the application. Of course, the corp. firewall will be open on the public IP address and then NAT to this Linux server.
Any ideas? Please advise. Thank you in advance. J |
You shouldn't need to do anything if all your traffic is NAT'ed properly to the server.
|
It depends upon who you intend ... and who you intend to allow or disallow ... to "reach" that port.
If the traffic is to come in from the Internet, then your router must be told to offer a particular open-port to the Internet, and to direct all traffic from that port to "a particular port on a particular (inward-side) computer." Then, that computer must be prepared ... by firewalls and such ... to accept the connection. If traffic is not to come from the Internet, then your router should receive no such instruction. It won't allow inbound, unsolicited connection requests to come in from the Internet to anyone at all. It is therefore "your first-line gatekeeper." Nevertheless, on your internal network, any computer that is offering services to the internal net must have firewall-rules that permit the necessary connections to be made. Those rules should prohibit any connections (e.g. from the router) that should not be made. |
Quote:
The command that I used to see if anything is running on that port is: netstat -nap | grep 9501 And it came back with nothing. However, when I tried to talk to the port 9501 (command that I used, nc 9501), it came back with "no port[s] to connect to". So, I typed service iptables status and it came back with "Firewall is stopped.". I don't really understand if I can or can't use this port or when can I use this point. Please help!! Thanks, j Thanks!! |
Is your piece of SW up and running on that port? Use netstat cmd to check.
|
Quote:
Thanks, |
The easiest way is to start up your app and see if it runs. Check it's using the port you expect with the netstat cmd.
Then try to talk to it from outside. You can also use nmap to check if it's visible. If not, run the cmd iptables -L as root and post the results. |
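Added example, not part of any post in this thread: a Python sketch of the check described above, showing that a port answers only while a process is listening on it, and how a client can tell "no listener" from "dropped by a firewall". The names probe, start_listener and demo are illustrative, and it uses an OS-chosen loopback port rather than 9501 so it runs anywhere.

```python
import socket


def probe(host, port, timeout=1.0):
    """Classify a TCP port the way a connecting client sees it.

    open     - the connection was accepted: a process is listening
    closed   - the host refused it: reachable, but nothing is listening
    filtered - no answer before the timeout: a firewall or NAT dropped it
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "closed"
    except socket.timeout:
        return "filtered"
    finally:
        s.close()


def start_listener(bind_addr="127.0.0.1", port=0):
    """Stand-in for the application: bind and listen (port=0 lets the OS pick).

    A listener bound to 127.0.0.1 is reachable only from the server itself;
    one bound to 0.0.0.0 is reachable from other hosts, firewall permitting.
    """
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((bind_addr, port))
    srv.listen(5)
    return srv


def demo():
    """Probe one loopback port before, while and after a process listens on it."""
    srv = start_listener()          # borrow a free port number, then release it
    port = srv.getsockname()[1]
    srv.close()
    before = probe("127.0.0.1", port)
    srv = start_listener(port=port)  # the "application" starts
    during = probe("127.0.0.1", port)
    srv.close()                      # the "application" exits
    after = probe("127.0.0.1", port)
    return before, during, after


if __name__ == "__main__":
    print(demo())
```

A "closed" result with the firewall stopped matches an empty netstat: the application is not running or is using a different port. A "filtered" result from outside points at the corporate firewall or NAT rule instead.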