Re: Opening port on machine
- From: cris.pini@xxxxxxxxx
- Date: 15 Sep 2006 04:28:45 -0700
Alexander Dalloz wrote:
On Fri, 15 Sep 2006 02:21:06 -0700 cris.pini wrote:
Hi,
I'm using Red Hat Enterprise Linux ES release 4 (Nahant Update 3) and
have used the system-config-securitylevel utility to open port 5505 on
the firewall. The iptables config now looks like this:
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -i eth0 -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 5505
-j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
Standard RHEL4 iptables setup with your port 5505/tcp add.
I restarted iptables successfully and would now expect to be able to
telnet to that port on the machine locally as I'm expecting the port to
have been opened and ready listening, however, I get connection
refused.
service iptables status
gives you a list of all active iptables rules.
# telnet localhost 5505
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
telnet: Unable to connect to remote host: Connection refused
Can anyone help please as this seems to be a trivial problem that
should be easy to sort out but I've been racking my brains for a while
trying to get this to work.
Many thx.
There must be service listening on port 5505 to be successful with such a
simple "telnet test".
lsof -i :5505
Alexander
--
Alexander Dalloz | Löhne, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.35_FC2smp
Serendipity 12:34:12 up 8 days, 14:43, load average: 0.15, 0.18, 0.07
There must be service listening on port 5505 to be successful with such a
simple "telnet test".
lsof -i :5505
Thx for this, running the lsof command above does not return anything
and I'm guessing this is because I haven't bound my service to the
port.
Basically, I'm running a network monitoring daemon process that is
listening for messages being carried over the socket via tcp using port
5505 on remote hosts. Do I need to bind this service to the port or
can't I just have an open port, if I need to bind can you advise as to
how this is done pls. Thx
.
- Follow-Ups:
- Re: Opening port on machine
- From: Alexander Dalloz
- Re: Opening port on machine
- References:
- Opening port on machine
- From: cris . pini
- Re: Opening port on machine
- From: Alexander Dalloz
- Opening port on machine
- Prev by Date: Re: Opening port on machine
- Next by Date: Re: Opening port on machine
- Previous by thread: Re: Opening port on machine
- Next by thread: Re: Opening port on machine
- Index(es):
Relevant Pages
|
