LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 12-28-2015, 10:08 PM   #1
gamejava
LQ Newbie
 
Registered: Dec 2015
Posts: 1

Rep: Reputation: Disabled
Blocked out Port 8080 and Port 3306


i can access port 22 and port 80 ..but i am unable to access port 8080 and port 3306
Code:
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:FORWARD ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i em2 -j ACCEPT
-A INPUT -p tcp -m state -m tcp --dport 22 --state NEW -j ACCEPT
-A INPUT -p tcp -m state -m tcp --dport 80 --state NEW -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT -m comment --comment "Tomcat Server Port"
-A INPUT -p tcp -m state -m tcp --dport 3306 --state NEW -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -p icmp -j ACCEPT
-A FORWARD -i lo -j ACCEPT
-A FORWARD -i em2 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
can u please guide me
 
Old 12-29-2015, 09:31 AM   #2
pan64
LQ Addict
 
Registered: Mar 2012
Location: Hungary
Distribution: debian/ubuntu/suse ...
Posts: 21,687

Rep: Reputation: 7274Reputation: 7274Reputation: 7274Reputation: 7274Reputation: 7274Reputation: 7274Reputation: 7274Reputation: 7274Reputation: 7274Reputation: 7274Reputation: 7274
would be nice to explain how did you try that and what did you expect at all?
 
Old 12-29-2015, 10:36 AM   #3
Habitual
LQ Veteran
 
Registered: Jan 2011
Location: Abingdon, VA
Distribution: Catalina
Posts: 9,374
Blog Entries: 37

Rep: Reputation: Disabled
Quote:
Originally Posted by gamejava View Post
i can access port 22 and port 80 ..but i am unable to access port 8080 and port 3306
Define "access".
Is tomcat (which btw?) running and listening on port 8080?
Is mysql(-server) running and accepting connections from localhost on 3306?
Code:
sudo netstat -natp | grep -e 8080 -e 3306
Some tools/code to try.
Code:
lynx localhost:8080
mysql -uroot -p -h127.0.0.1
telnet 127.0.0.1 3306
Firewall rules work only if there's a listening service/daemon on the host to answer/satisfy the request.

fwNoRules + NoDaemon = No Access
fwRules + NoDaemon = No Access
fwRules + Daemon = Access

Last edited by Habitual; 12-29-2015 at 10:48 AM. Reason: 1 lousy capital R - duh
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
mysqld running and reading for connections on port 3306, no port 3306 found from scan darkenigmaa Linux - Networking 10 07-13-2016 11:53 AM
Tomcat6 stops listening on port 80 when i change from port 8080 to port 80 trongthect Linux - Server 1 07-27-2012 05:41 PM
CentOS 5: iptables - cannot open port 80 and nat to port 8080 for Tomcat steve willett Linux - Networking 4 09-24-2010 04:03 AM
access 8080 web server port through squid running on 8080 sunethj Linux - Networking 11 05-18-2007 02:38 AM
debian iptables squid - redirect port 80 to port 8080 on another machine nickleus Linux - Networking 1 08-17-2006 12:59 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 11:33 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration