LinuxQuestions.org
Old 03-24-2006, 08:53 AM   #1
lmcilwain
Member
 
Registered: Dec 2003
Location: Maryland
Distribution: Fedora, Ubuntu, Centos, FreeBSD
Posts: 390

Rep: Reputation: 31
Firestarter Enable UDP Port


Hello all,

Can anyone tell me how I can get firestarter to enable a udp port? I am trying to setup my syslog server but none of the other machines are able to send syslog messages to it because firestarter is blocking the port.

I didn't see anywhere in the GUI where you can specifically set a port for UDP so is there another way that I can do this? Or what is the correct way to set this in the GUI?

Thanks,
 
Old 03-24-2006, 09:12 AM   #2
celejar
Member
 
Registered: Oct 2003
Location: New York
Distribution: Debian Sid
Posts: 185

Rep: Reputation: 30
Firestarter indeed doesn't seem to allow distinctions to be made between TCP and UDP via its GUI; the only references in the manual to UDP involve manually editing the configuration files. But for your purposes, why not just open the port for both? I don't think there's really any significant additional security risk in doing so.
 
Old 03-24-2006, 11:49 AM   #3
lmcilwain
No, there isn't a security risk since I'm behind my router and there isn't any port forwarding using the UDP protocol.

How would I open the port for both UDP and TCP if firestarter doesn't have a way to distinguish between the two? I know nothing about how to set this using the command line and not sure I would want to since firestarter would overwrite it every time I reboot.
 
Old 03-24-2006, 02:10 PM   #4
celejar
You just (through the GUI) add a rule; the dialogue box allows you to specify the port number, and Firestarter apparently takes the same action for both TCP and UDP.
 
Old 03-24-2006, 02:12 PM   #5
lmcilwain
Hmmm... I did do that and I still was not able to get syslog messages through. Is it possible I'm specifying the wrong port number? I'm specifying 514 and using Fedora Core 5.
 
Old 03-24-2006, 02:44 PM   #6
celejar
514 seems correct. You can check the firewall logs (or Firestarter's list of blocked traffic) to see if the firewall is blocking anything. You can try scanning the server machine from another machine (one of the syslogging ones) and see if 514 seems open.
 
Old 03-27-2006, 08:03 PM   #7
lmcilwain
I did a netstat -l (to try and find the port it's listening on). I get the following for syslog:

Proto udp
Recv-Q 0
Send-Q 0
Local Address *:syslog
Foreign Address *:*
State
(Needless to say I didn't find the port number that it is listening on - so I'm not sure what port to enable on my firewall)
This also tells me that my syslog daemon is not listening for incoming messages from other machines most likely.

nmap shows the following for port scanning:

Starting Nmap 4.00 ( http://www.insecure.org/nmap/ ) at 2006-03-27 20:58 EST
Interesting ports on 192.168.1.xxx
(The 1667 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 4.3 (protocol 2.0)
111/tcp open rpcbind 2 (rpc #100000)
5801/tcp open vnc-http RealVNC 4.0 (Resolution 400x250; VNC TCP port: 5901)
5901/tcp open vnc VNC (protocol 3.8)
6001/tcp open X11 (access denied)
Service Info: OS: Unix

Nmap finished: 1 IP address (1 host up) scanned in 7.017 seconds

For reference, here is what I did to try and get the syslog daemon to listen for incoming messages:
cp /etc/rc.d/init.d/syslog ~/backup/.
sudo vi /etc/rc.d/init.d/syslog
changed SYSLOGD_OPTIONS="-m 0" to SYSLOGD_OPTIONS="-m 0 -r"
:x to save the file
service syslog restart and/or rebooted the machine
 
Old 03-28-2006, 08:24 AM   #8
celejar
Stumped. Do you have the line 'syslog 514/udp' in your /etc/services? Did you try explicitly telling nmap to scan port 514?
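
Added example, not part of any post in this thread: a small shell helper for the two checks discussed above, resolving the service name that netstat -l prints (*:syslog) to a port number from a services(5)-format file, and finding which local addresses hold a given UDP port in numeric netstat output. The function names service_port and udp_listeners are hypothetical, and the sample data is constructed so the script runs offline.

```shell
#!/bin/sh
# Added example; SAMPLE_* data below is constructed, not taken from the poster's machine.

# Read a services(5)-format file on stdin; print the port for service $1 / protocol $2.
service_port() {
    awk -v svc="$1" -v proto="$2" '
        { sub(/#.*/, "") }                     # strip trailing comments
        NF >= 2 {
            split($2, pp, "/")                 # "514/udp" -> pp[1]=514, pp[2]=udp
            if (pp[2] != proto) next
            for (i = 1; i <= NF; i++)          # match the name or any alias
                if (i != 2 && $i == svc) { print pp[1]; exit }
        }'
}

# Read numeric netstat output (netstat -lnu) on stdin; print local addresses bound to UDP port $1.
udp_listeners() {
    awk -v port="$1" '
        $1 ~ /^udp/ {
            n = split($4, a, ":")              # port is whatever follows the last ":"
            if (a[n] == port) print $4
        }'
}

SAMPLE_SERVICES='shell           514/tcp         cmd             # no passwords used
syslog          514/udp
printer         515/tcp         spooler'

SAMPLE_NETSTAT='Proto Recv-Q Send-Q Local Address           Foreign Address         State
udp        0      0 0.0.0.0:514             0.0.0.0:*
udp        0      0 127.0.0.1:123           0.0.0.0:*
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN'

# Demo on the constructed data; on a real host use:
#   service_port syslog udp < /etc/services
#   netstat -lnu | udp_listeners 514
printf '%s\n' "$SAMPLE_SERVICES" | service_port syslog udp
printf '%s\n' "$SAMPLE_NETSTAT" | udp_listeners 514
```

A local address of 0.0.0.0 or * means the socket accepts datagrams on every interface, while 127.0.0.1 would mean local only. The nmap output quoted in post #7 lists only tcp entries, so it says nothing about a UDP port either way; a UDP check of your own server needs nmap's -sU scan type with -p 514, run as root.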
 
  

