Thread: RHEL 5 - Opening ports
The issue I am having is the program support people are telling me to open ports 9649-9750 for the dispatch app's features to use. This is what I have done:
I went into Start > Administration > Security Level and Firewall
At the bottom of the window that opens is a drop-down called "Other Ports"
I clicked "+ Add" and entered 9649-9750 tcp and clicked "Apply"
Apparently this was not successful as the new application failed on an error related to port 9650.
I repeated the above but instead of "9649-9750" I entered "9650" thinking perhaps the way I had entered the range was invalid.
What should I be doing to open these ports? Is SELinux involved in my issue? Is there some basic setting that I have simply overlooked?
Any help would be greatly appreciated. Oh I feel like a noob all over again...
You can use iptables to open and close ports. You should Google a manual for iptables to find out how to do it, but the basic structure would be something like:
#iptables -A INPUT -p tcp --dport 9649:9750 -j ACCEPT
To verify which ports are open, run:
Thanks for the info. I found a loooong guide here: http://iptables-tutorial.frozentux.n...-tutorial.html .
I tried using your:
#iptables -A INPUT -p tcp --dport 9649:9660 -j ACCEPT
Starting Nmap 4.11 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2007-11-02 11:24 PDT
Interesting ports on localhost.localdomain (127.0.0.1):
Not shown: 1674 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
111/tcp open rpcbind
631/tcp open ipp
1022/tcp open unknown
Nmap finished: 1 IP address (1 host up) scanned in 0.155 seconds
I then tried:
$nmap -p 9600-9700 localhost
Starting Nmap 4.11 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2007-11-02 11:26 PDT
All 101 scanned ports on localhost.localdomain (127.0.0.1) are closed
Nmap finished: 1 IP address (1 host up) scanned in 0.041 seconds
So I am back to reading more to try and figure out my issues but I greatly appreciate the direction.
11-02-2007 #4
Originally Posted by Thrillhouse
[root@fugu ~]# hostname
fugu.someplace.local
[root@fugu ~]# iptables -I INPUT 2 -m state --state NEW -p tcp --dport 9649:9750 -j ACCEPT
[root@fugu ~]# iptables -nvL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target prot opt in out source destination
  487 457K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
    0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpts:9649:9750
...
 6181 912K DROP all -- * * 0.0.0.0/0 0.0.0.0/0
...
Code:
[hector ~]$ nmap -P0 -T4 fugu -p 9649-9750
Starting Nmap 4.20 ( http://insecure.org ) at 2007-11-02 13:32 CDT
All 102 scanned ports on fugu.someplace.local (10.0.0.230) are closed
See, I am not an expert on this but you're on the right track and yes, SELinux could definitely be prohibiting you in some way. Check /etc/selinux/config and see what the SELINUX variable is set to.
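Added example (not part of any post in this thread): iptables walks a chain top to bottom and stops at the first rule that matches, so an ACCEPT only helps if it sits ahead of a catch-all DROP, as in the `iptables -nvL` listing above. The hypothetical helper `first_match` below reads such a listing and reports which rule a new TCP connection to a port would hit; both sample listings are constructed, and the check assumes built-in chains only and ignores source/destination address matches.

```shell
#!/bin/sh
# first_match PORT [IFACE]: read `iptables -nvL INPUT` output on stdin and
# print the target of the first rule matching a NEW TCP connection to PORT
# arriving on IFACE (default eth0); falls back to the chain policy.
# Assumption: address matches and jumps to user-defined chains are ignored.
first_match() {
    awk -v port="$1" -v ifc="${2:-eth0}" '
    $1 == "Chain" { policy = $4; next }   # "Chain INPUT (policy ACCEPT ..."
    $1 == "pkts" || NF < 9 { next }       # column header, blanks, "..."
    {
        target = $3; proto = $4; in_if = $6
        if (proto != "tcp" && proto != "all") next
        if (in_if != "*" && in_if != ifc) next
        min = 1; max = 65535; skip = 0
        for (i = 10; i <= NF; i++) {
            # a state match that does not list NEW cannot admit a new connection
            if ($i == "state" && $(i + 1) !~ /(^|,)NEW(,|$)/) skip = 1
            if ($i ~ /^dpts?:/) {         # dpt:22 or dpts:9649:9750
                n = split($i, p, ":")
                min = p[2]; max = (n == 3) ? p[3] : p[2]
            }
        }
        if (skip || port + 0 < min + 0 || port + 0 > max + 0) next
        print target; found = 1; exit
    }
    END { if (!found) print "POLICY:" policy }'
}

# Constructed listing: ACCEPT appended (-A) below the catch-all DROP.
APPENDED='Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target prot opt in out source destination
  487 457K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
 6181 912K DROP all -- * * 0.0.0.0/0 0.0.0.0/0
    0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:9649:9750'
# Constructed listing: ACCEPT inserted (-I INPUT 2) above the DROP.
INSERTED='Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target prot opt in out source destination
  487 457K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
    0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpts:9649:9750
 6181 912K DROP all -- * * 0.0.0.0/0 0.0.0.0/0'

printf '%s\n' "$APPENDED" | first_match 9650   # -> DROP
printf '%s\n' "$INSERTED" | first_match 9650   # -> ACCEPT
```

On a live host the same function can be fed from `iptables -nvL INPUT` run as root.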
11-02-2007 #6
Originally Posted by BenF
This is where I read that.
Up to 15 ports can be specified. It can only be used in conjunction with -p tcp or -p udp.