Thursday 24 November 2011

Steps to check the opened ports in IP tables

To view the ports that services on the server are already listening on, execute the following command. It lists listening sockets; it does not show which of them the firewall permits.

netstat -plan |grep LISTEN

Steps to open a new port in IP tables

Before opening a port, you should know why you are opening it and what the port is used for.

Save the existing iptables rules.

root@server [~]# /etc/init.d/iptables save
Saving firewall rules to /etc/sysconfig/iptables: [ OK ]

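To open a port, execute the commands below, replacing portno with the port number and IPaddress with the source address to allow. Here "allowed" is a user-defined chain: it must already exist and be reached from INPUT for these rules to take effect.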

iptables -A allowed -p tcp --dport portno -s IPaddress -j ACCEPT
iptables -A allowed -p udp --dport portno -s IPaddress -j ACCEPT

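To allow all IP addresses, use the rule below. Because -A appends to the end of the chain, the rule has no effect if an earlier rule already drops or rejects the traffic.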

iptables -A INPUT -i eth0 -p tcp -m tcp --dport portno -j ACCEPT

Check whether the port is allowed.

root@server [~]# iptables -nL | grep :3306
ACCEPT tcp -- tcp dpt:3306
ACCEPT tcp -- tcp dpt:3306
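
The grep check above also matches longer port numbers such as 33060, and it does not show which chain a rule sits in, which source it allows, or whether a catch-all DROP/REJECT comes before it. The following is an added example, not part of the original post: a shell function that reads `iptables -nL` output and reports only the ACCEPT rules for one exact port. The function names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): exact-port audit of `iptables -nL`.
# Real use: iptables -nL | audit_port 3306

# Print "chain proto source scope reach" for every ACCEPT rule whose
# destination port is exactly $1. Reads `iptables -nL` output on stdin.
audit_port() {
    awk -v port="$1" '
        $1 == "Chain" { chain = $2; blocked = 0; next }
        $1 == "target" || NF < 5 { next }
        # Catch-all DROP/REJECT: a rule appended (-A) after it never matches.
        # Approximation: -nL without -v hides interface restrictions.
        ($1 == "DROP" || $1 == "REJECT") && $2 == "all" &&
            $4 == "0.0.0.0/0" && $5 == "0.0.0.0/0" &&
            (NF == 5 || $6 == "reject-with") { blocked = 1; next }
        $1 == "ACCEPT" {
            for (i = 6; i <= NF; i++)
                if ($i == ("dpt:" port)) {
                    scope = ($4 == "0.0.0.0/0") ? "any-source" : "restricted"
                    reach = blocked ? "shadowed" : "active"
                    print chain, $2, $4, scope, reach
                }
        }
    '
}

# Constructed sample ruleset (documentation addresses, not real output).
sample_rules() {
    cat <<'EOF'
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
allowed    all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:33060
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:3306

Chain allowed (1 references)
target     prot opt source               destination
ACCEPT     tcp  --  192.0.2.10           0.0.0.0/0            tcp dpt:3306
ACCEPT     udp  --  192.0.2.10           0.0.0.0/0            udp dpt:3306
EOF
}

sample_rules | audit_port 3306
```

A rule reported as "shadowed" was appended after a catch-all DROP/REJECT in the same chain; inserting it earlier with -I instead of -A makes it reachable.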
