
Opening Firewall Ports in Red Hat 1

Status
Not open for further replies.

johndog

Technical User
Apr 17, 2001
103
US
Hi,
I am trying to make sure the ports 80 and 9700-9802 are allowed to come through the firewall on my Red Hat Linux system. How do I check which ports are allowed to come through the firewall? I've done an nmap on the system and also an iptables -L but couldn't determine from these commands what was going on. If the ports are not allowed, how would I allow them? I would like to do this through a command-line interface if possible. Thanks, your help is appreciated.
 
#allow application ports 9700-9802 (inbound connections are matched on destination port)
iptables -A INPUT -p tcp -m tcp --dport 9700:9802 -j ACCEPT

#allow web server
iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
iptables -A OUTPUT -p tcp -m tcp --sport 80 -m state --state RELATED,ESTABLISHED -j ACCEPT


 
nmap will tell you what ports are listening. You'll need to run it on a remote system to get an accurate picture.

iptables -L will show the firewall configuration. You can use "iptables -L -n" to get numeric output. Specific ports might not be listed, so be sure to check the policy. If the policy is "drop" and port 80 isn't specifically listed as "accept", then it's not open.
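
Added example, not part of the original thread: the check described above (the first matching rule decides, otherwise the chain policy does), applied to constructed `iptables -S INPUT` output for a new inbound TCP connection. The function names, the sample rules and the default client source port are assumptions made for illustration; the sample includes a rule that matches on source port to show how it differs from a `--dport` rule.

```python
import shlex

# Constructed sample of `iptables -S INPUT` output (not from the poster's system).
SAMPLE = """\
-P INPUT DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --sport 9700:9802 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
"""

KNOWN = {"-p", "-m", "--dport", "--sport", "--state", "--ctstate", "-j", "--reject-with"}
TERMINAL = {"ACCEPT", "DROP", "REJECT"}

def in_range(spec, port):
    lo, _, hi = spec.partition(":")          # '80' or '9700:9802'
    return int(lo) <= port <= int(hi or lo)

def verdict(rules, dport, sport=40000, chain="INPUT"):
    """Return (verdict, deciding line) for a NEW inbound TCP connection to dport."""
    # sport is the client's source port (assumed ephemeral by default).
    policy = "ACCEPT"  # built-in chains accept until a -P line says otherwise
    for line in rules.splitlines():
        tok = shlex.split(line)
        if tok[:2] == ["-P", chain]:
            policy = tok[2]
        if tok[:2] != ["-A", chain]:
            continue
        opts = dict(zip(tok[2::2], tok[3::2]))  # every modelled option takes one argument
        if set(opts) - KNOWN or opts.get("-j") not in TERMINAL:
            return "REVIEW", line  # unmodelled match or jump: check by hand, do not guess
        if opts.get("-p", "tcp") not in ("tcp", "all"):
            continue
        state = opts.get("--state") or opts.get("--ctstate")
        if state and "NEW" not in state.split(","):
            continue  # RELATED,ESTABLISHED never matches the first packet
        if "--dport" in opts and not in_range(opts["--dport"], dport):
            continue
        if "--sport" in opts and not in_range(opts["--sport"], sport):
            continue
        return opts["-j"], line
    return policy, f"-P {chain} {policy}"

if __name__ == "__main__":
    for port in (80, 9700):
        print(port, *verdict(SAMPLE, port))
    print(9700, *verdict(SAMPLE.replace("--sport", "--dport"), 9700))
```

A `REVIEW` result means the chain uses a match or jump target the sketch does not model (for example a jump to a distribution-specific chain), so that rule has to be read by hand.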
 
When checking the ports with iptables -L, I can see that ports 9700:9802 are allowed and port 80 is as well. I am still experiencing a problem, however, when users try to authenticate to the server through a Java client program from the internet. Today I performed a 'tcpdump' as I watched the packet headers come in from one of the clients. I know that the connection is being made because I did a 'netstat' on the server and saw that the <ip address>:9700 and <ip address>:9701 ports showed ESTABLISHED; however, the authentication from the client side still failed on the application. What I'm trying to determine from the information I have just provided is if I have been doing proper testing and if the problem resides in the code of the client application, and that there is nothing blocking the ports on the server. Any help is appreciated.
 
I'd probably stop iptables and try it. If it still fails, it's not firewall-related.
 
Today I tried to stop/start iptables service, but it failed to start. I think that the changes I've made to iptables have had no impact at all because of this. The authentication was failing before I made the changes to iptables (allowed ports 9700:9802). Thanks.
 