General discussion


Linux firewall

By Brian
How do you open a port on a Linux-based firewall? I am looking for a simple command to open port 7070. I am clueless.

This conversation is currently closed to new comments.


Linux firewall

by Ann777 In reply to Linux firewall

The file /etc/inetd.conf is where ports are configured. This file affects traffic terminating at the firewall, not passing through it. Disabling something like POP3 or IMAP is acceptable, since when you go to get your mail from a PC inside your network, this traffic will pass through the firewall (but not stop) on its way to your ISP's POP3 or IMAP mail server.

Remember, the more ports and addresses you choose to leave open, the more closely you will need to watch your firewall for break-in attempts. We have left TELNET and FTP open, so we'll want to restrict the originating IP addresses on both networks to those we want to let in.

Here's a great article on using Linux as a firewall:

http://www.linuxjournal.com/print.php?sid=3546

Linux firewall

by Brian In reply to Linux firewall

The question was auto-closed by TechRepublic

Linux firewall

by rouse In reply to Linux firewall

In Red Hat 7.2, the ipchains rules are in the /etc/sysconfig/ipchains file. You can get a list of the current rules with: /sbin/ipchains -L
Note that it is case sensitive.
You might try this at a terminal window:
/sbin/ipchains -A input -s 0/0 -d 0/0 7070 -p tcp -y -j ACCEPT
and
/sbin/ipchains -A input -s 0/0 7070 -d 0/0 7070 -p udp -i eth0 -j ACCEPT
The first one opens TCP and the second opens UDP. Not sure if you need both. Hope this works for you.


Linux firewall

by schannachie In reply to Linux firewall

Hi,

To open a port you can first set the port open with a command, as advised in the two previous answers. The only problem with this is that it will work only until the next startup, that is, as long as you don't power off your Linux box. If you need to have this open, you can follow this second option. First, in your home dir, create a file, e.g. my.config.ipchains (or whatever). Open the file and put the commands in:

#######################
#
# Deny rules
#
#######################
ipchains -I input -j DENY --log -p tcp \
    --destination-port 0:65535 --interface eth01

#######################
#
# Accept rules
#
#######################
ipchains -I input -j ACCEPT --log -p tcp \
    --destination-port 7070 --interface eth01

You can also use REJECT. For the interface device, use yours as it is set up on your Linux box.

When you have made your script, copy the file with the name S99.my.firewall.config, change the attributes of the file with the chmod command

chmod 777 S99.my.firewall.config

and then copy this file from your home dir to the etc/init.d/rc2.d directory. Your settings will then activate at startup time.


Hope it helps !


Linux firewall

by techpro In reply to Linux firewall

If you're using iptables (kernel 2.4.x), you need to type something along the lines of

iptables -A INPUT -j ACCEPT -p tcp --dport 7070

That will open connections to the local machine on port 7070 using TCP, both incoming and outgoing.

Note, however, that if the machines behind your firewall have public IPs (i.e. you're not using NAT) and want to access the machines on that port, you will need to put FORWARD instead of INPUT, since the packets will not be destined to the firewall but merely passing through.
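
An added example (not code from any poster in this thread): a toy Python model of two points raised in the replies above. ipchains and iptables act on the first matching rule, so -I (insert at the top) and -A (append) give different results for the same two rules, and under iptables a packet routed through the firewall is checked against FORWARD rather than INPUT. The class names, the address 192.0.2.1 and the empty default-DROP FORWARD chain are assumptions made for the illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Rule:
    target: str    # "ACCEPT" or "DROP" (ipchains calls the latter DENY)
    proto: str     # "tcp" or "udp"
    ports: range   # destination ports this rule matches

@dataclass
class Chain:
    policy: str = "DROP"                       # used when no rule matches
    rules: list = field(default_factory=list)

    def append(self, rule):                    # like -A: end of the chain
        self.rules.append(rule)

    def insert(self, rule):                    # like -I without a position: top
        self.rules.insert(0, rule)

    def verdict(self, proto, dport):
        for r in self.rules:                   # first matching rule wins
            if r.proto == proto and dport in r.ports:
                return r.target
        return self.policy

FIREWALL_IP = "192.0.2.1"                      # constructed sample address
BLOCK_ALL_TCP = Rule("DROP", "tcp", range(0, 65536))
OPEN_7070 = Rule("ACCEPT", "tcp", range(7070, 7071))

def chain_for(dst_ip):
    # iptables: packets for the firewall itself traverse INPUT, routed ones FORWARD
    return "INPUT" if dst_ip == FIREWALL_IP else "FORWARD"

def demo():
    inserted, appended = Chain(policy="ACCEPT"), Chain(policy="ACCEPT")
    for rule in (BLOCK_ALL_TCP, OPEN_7070):    # same rules, typed in the same order
        inserted.insert(rule)
        appended.append(rule)
    chains = {"INPUT": inserted, "FORWARD": Chain(policy="DROP")}
    return {
        "insert_order": inserted.verdict("tcp", 7070),
        "append_order": appended.verdict("tcp", 7070),
        "to_firewall": chains[chain_for(FIREWALL_IP)].verdict("tcp", 7070),
        "to_inside_host": chains[chain_for("192.0.2.10")].verdict("tcp", 7070),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

With -I the accept rule for 7070 ends up above the block-all rule and wins; with -A the block-all rule is reached first, so a listing of the chain should always be read top to bottom before trusting that a port is open or closed.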


Linux firewall

by Brian In reply to Linux firewall

This question was auto closed due to inactivity
