General discussion

Locked

ipchains firewall

By cp409sd ·
I need to find out what ports a program I am running uses so that I can let it through my firewall. There is no documentation as to which ports it uses. When the firewall is down, the program works. When it is up, it doesn't.

I figured an easy way to find out was to make a small script that allowed everything through and logged everything as well, so that I could just look at the log and see what ports it uses, and then make the proper entry in my firewall script. So that is what I did.Unfortunetely, the script I wrote lets all traffic through the firewall, but it does not seem to be logging any ports it is going through. Not sure where the flaw in my logic is. Here is the small script I wrote:

ipchains -F
ipchains -P input ACCEPT
ipchains -P output ACCEPT
ipchains -P forward ACCEPT
ipchains -A input -j ACCEPT -l
ipchains -A output -j ACCEPT -l
ipchains -A forward -j ACCEPT -l

Please let me know if there if a better way to do what I am trying to do. Thanks.

This conversation is currently closed to new comments.

8 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

ipchains firewall

by jeric In reply to ipchains firewall

You should look for the file named services at /etc. You can use pico to view it then all the ports the programs use are listed there including the protocol used.

Collapse -

ipchains firewall

by cp409sd In reply to ipchains firewall
Collapse -

ipchains firewall

by iandrei In reply to ipchains firewall

this should work :
before you start your program do netstat -nta
and see what ports are currently open
now start your program and do again netstat -nta
and see what port has open

Collapse -

ipchains firewall

by cp409sd In reply to ipchains firewall
Collapse -

ipchains firewall

by lowkey In reply to ipchains firewall

The flaw in your script is that you setup the default policy as ACCEPT. No other rules are used. Change the default policy to DENY and then leave the last three lines the same. This way everything will go through them rather than the default policy.

To determine what ports a program is using, visit the Tech Support Website for the program you are using. As firewalls become more common, more FAQs include what Ports need to be forwarded.

If that doesn't work, then install a packet sniffer (like Ethereal) on you Linux box. Then enable it and attempt to usethe program in question. By reviewing the sniffer logs you will be able to see what traffic was seen by the firewall.

Collapse -

ipchains firewall

by cp409sd In reply to ipchains firewall

Worked great. Thanks for the help.

Collapse -

ipchains firewall

by lowkey In reply to ipchains firewall

The flaw in your script is that you setup the default policy as ACCEPT. No other rules are used. Change the default policy to DENY and then leave the last three lines the same. This way everything will go through them rather than the default policy.

To determine what ports a program is using, visit the Tech Support Website for the program you are using. As firewalls become more common, more FAQs include what Ports need to be forwarded.

If that doesn't work, then install a packet sniffer (like Ethereal) on you Linux box. Then enable it and attempt to usethe program in question. By reviewing the sniffer logs you will be able to see what traffic was seen by the firewall.

Collapse -

ipchains firewall

by cp409sd In reply to ipchains firewall
Back to Linux Forum
8 total posts (Page 1 of 1)  

Related Discussions

Related Forums