Old 08-08-2003, 04:29 PM   #1
LQ Newbie
Registered: Aug 2003
Posts: 2

Rep: Reputation: 0
Question port 515, 6000 iptables

Please help me block a port. I am a Linux newbie (big time). I installed Slackware 9.0 about a week ago and I have almost everything up and running, but I have port 515, 6000 open and can't seem to shut them. So I thought I could firewall it with iptables. I am on a cable modem. Here is the syntax I am using:

iptables -A INPUT -p all -d 515 -j DROP
When I run iptools -L I get:

Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP all -- anywhere

Port 515 is still open when I run nmap.
Any help would be appreciated.
Old 08-08-2003, 05:39 PM   #2
Senior Member
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 69
The -d option is destination IP address (like, not destination port. What you want is --dport 515 instead. You will also get errors trying to do -p all --dport 515, because there are no port numbers for the ICMP protocol. Only the TCP and UDP protocols use port numbers, so just make two rules:

iptables -A INPUT -p tcp --dport 515 -j DROP
iptables -A INPUT -p udp --dport 515 -j DROP

For port 6000 you have to be a little more careful, because it's the port that the Xserver connects to. If you block port 6000 to all interfaces, I'm pretty sure you won't be able to start X. So when you write that rule, remember to at least allow connections over the loopback interface. Something like this will do:

iptables -A INPUT -i !lo -p tcp --dport 6000 -j DROP

Where that is an exclamation point before the lo. So what that's doing is saying "drop all connections to port 6000 that are not over the loopback interface".
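
Added example (not part of the thread): one way to confirm that rules like those in the reply above actually cover a port is to read the `iptables -S INPUT` listing and look for a matching `-p`/`--dport` rule, which a rule written with only `-d` never has. The names `port_status` and `sample_rules` and the sample ruleset, including the 192.0.2.15 address, are constructed for illustration; `iptables -S` prints the loopback negation as `! -i lo`.

```shell
#!/bin/sh
# Classify a port from `iptables -S INPUT` output read on stdin.
# Assumption: only rules with an explicit -p and a single --dport are
# evaluated; port ranges, multiport and source matches are ignored.

# port_status PORT PROTO -> prints one of:
#   blocked         first matching rule drops on every interface
#   blocked-remote  dropped everywhere except loopback (! -i lo)
#   open            first matching rule accepts, or no match and policy ACCEPT
port_status() {
    awk -v port="$1" -v proto="$2" '
    $1 == "-P" && $2 == "INPUT" { policy = $3 }
    $1 == "-A" && $2 == "INPUT" && result == "" {
        p = ""; dport = ""; target = ""; iface = ""; neg = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "-p") p = $(i + 1)
            if ($i == "--dport") dport = $(i + 1)
            if ($i == "-j") target = $(i + 1)
            if ($i == "-i") { iface = $(i + 1); neg = ($(i - 1) == "!") }
        }
        # A rule without a matching protocol and port says nothing about it.
        if (p != proto || dport != port) next
        drop = (target == "DROP" || target == "REJECT")
        if (iface == "") result = drop ? "blocked" : "open"
        else if (drop && neg && iface == "lo") result = "blocked-remote"
        # Other interface-specific rules are not evaluated; keep scanning.
    }
    END {
        if (result == "") result = (policy == "DROP") ? "blocked" : "open"
        print result
    }'
}

# Constructed sample listing: an address-only rule (no port match), the TCP
# rule for 515, and the non-loopback rule for 6000. UDP 515 is left out.
sample_rules() {
    cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -d 192.0.2.15/32 -j DROP
-A INPUT -p tcp -m tcp --dport 515 -j DROP
-A INPUT ! -i lo -p tcp -m tcp --dport 6000 -j DROP
EOF
}

for spec in "515 tcp" "515 udp" "6000 tcp"; do
    set -- $spec
    printf '%s/%s: %s\n' "$1" "$2" "$(sample_rules | port_status "$1" "$2")"
done
```

On a live system the same function can be fed with `iptables -S INPUT | port_status 515 tcp` (run as root).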
Old 08-09-2003, 01:18 AM   #3
LQ Newbie
Registered: Aug 2003
Posts: 2

Original Poster
Rep: Reputation: 0

That worked perfectly.
Old 08-10-2003, 07:04 PM   #4
Senior Member
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 69
No problem magicmanstl, glad you got it to work.

