LinuxQuestions.org
Old 09-18-2009, 04:40 AM   #1
Uday123
Member
 
Registered: Nov 2005
Posts: 80

Rep: Reputation: 15
open ports using iptables from shell


Hi,

I am trying to open VNC ports (5901, 5902) on my RHLinux machine using iptables.

I am able to do it from the GUI, system-config-security. Go to Administration > Security Level and Firewall, then select "other ports" at the bottom, enter the port number 5901 to open and select tcp, then click OK and OK again to save your settings.
From my Windows machine I am able to open a VNC session using vncviewer on port 5901.

But when I am trying to do it from command line:
#iptables -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 5901 -j ACCEPT
This command added the entry in /etc/sysconfig/iptables and it is listed by the iptables -L command.
Then I saved and restarted iptables.
#service iptables save
#service iptables restart

When I try to open the VNC session from vncviewer, it gives me an error and the session is not opened.

Is there something I missed here? Where can I check the logs for this? I definitely need this to be done from the command line only. So please suggest some idea to fix this.

Thanks in advance.
 
Old 09-18-2009, 06:15 AM   #2
Uday123
Member
 
Registered: Nov 2005
Posts: 80

Original Poster
Rep: Reputation: 15
Hi,

I got it.

Actually the entry I made is at the end of the file /etc/sysconfig/iptables (i.e. after the REJECT all entry).
I moved my entry just above that line and restarted iptables. Everything looks fine.

Thanks
 
Old 09-18-2009, 06:59 AM   #3
jomen
Senior Member
 
Registered: May 2004
Location: Leipzig/Germany
Distribution: Arch
Posts: 1,687

Rep: Reputation: 55
If you use -I instead of -A your line will not be appended (-A) at the end but (-I) inserted at the top.
You could also use -I <number> to tell the line where to insert.
No need for a restart of iptables service or editing the file.
With -D <number> you can also remove a rule.
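
The rule-order problem found in post #2 and the -I <number> fix from post #3, as an added example that is not from any poster in this thread: it checks an iptables-save style ruleset for an ACCEPT rule shadowed by an earlier catch-all REJECT and prints (without running) the insert command. The sample ruleset and the function names positions, verdict and fix_cmd are assumptions made for the illustration.

```shell
#!/bin/sh
# Constructed sample in iptables-save format: the 5901 rule was appended (-A)
# and therefore sits after the unconditional REJECT, as described in post #2.
sample_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 5901 -j ACCEPT
COMMIT
EOF
}

# Read rules on stdin; print "<accept_pos> <reject_pos>" for CHAIN ($1), PORT ($2).
# Positions are 1-based rule numbers within the chain (as used by -I and -D);
# 0 means not found. Only an unconditional REJECT/DROP counts as a catch-all.
positions() {
    awk -v chain="$1" -v port="$2" '
        $1 == "-A" && $2 == chain {
            n++
            if (!rej && $3 == "-j" && ($4 == "REJECT" || $4 == "DROP")) rej = n
            if (!acc && $0 ~ ("--dport " port "( |$)") && $0 ~ /-j ACCEPT/) acc = n
        }
        END { print acc + 0, rej + 0 }'
}

# Classify the port: missing, shadowed (ACCEPT after catch-all) or reachable.
verdict() {
    pos=$(positions "$1" "$2"); acc=${pos% *}; rej=${pos#* }
    if [ "$acc" -eq 0 ]; then echo "missing"
    elif [ "$rej" -ne 0 ] && [ "$acc" -gt "$rej" ]; then echo "shadowed"
    else echo "reachable"; fi
}

# Print the command that places the rule just above the catch-all.
fix_cmd() {
    pos=$(positions "$1" "$2"); rej=${pos#* }
    rule="-m state --state NEW -m tcp -p tcp --dport $2 -j ACCEPT"
    if [ "$rej" -eq 0 ]; then echo "iptables -A $1 $rule"
    else echo "iptables -I $1 $rej $rule"; fi
}

echo "5901: $(sample_rules | verdict RH-Firewall-1-INPUT 5901)"
sample_rules | fix_cmd RH-Firewall-1-INPUT 5901
```

On a live system the same functions can be fed from iptables-save instead of sample_rules; the stale appended rule can then be removed with -D <number>.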
 
Old 09-18-2009, 07:16 AM   #4
deadeyes
Member
 
Registered: Aug 2006
Posts: 609

Rep: Reputation: 79
You only seem to allow new connections, and no established ones?
 
  


All times are GMT -5. The time now is 10:25 AM.
